Name: jupyterhub-example-kerberos
Owner: JupyterHub
Description: Example for experimenting with how JupyterHub can be configured to work with Kerberos
Created: 2016-11-09 19:03:08.0
Updated: 2018-05-07 19:16:13.0
Pushed: 2017-10-17 02:05:39.0
Homepage: null
Size: 16
Language: Python
GitHub Committers
| User | Most Recent Commit | # Commits |
|---|
Other Committers
| User | Most Recent Commit | # Commits |
|---|
A proving ground for configuring JupyterHub to work with Kerberos.
This project exists to help you (and us) learn how JupyterHub and Kerberos can interoperate. It will never provide an out-of-the-box, production-ready experience.
At the moment, it is very much a work in progress. If you have experience configuring JupyterHub with Kerberos, please jump in and help us out!
alice and bob can successfully log into
JupyterHub when it is configured with PAM backed by Kerberos.kinit command from within any
terminal or Python notebook.kutil command from within
any terminal or Python notebook.Start a KDC container and two JupyterHub containers, one using the default
local spawner and the other the sudo spawner, by running docker-compose up.
Visit http://localhost:8000 to access the JupyterHub instance running as root
and configured with the local spawner. Visit http://localhost:8001 to access
the instance running as jupyter and configured with the sudo spawner. Login
to either instance with username alice or bob with a password matching the
username.
Click New → Terminal to start a terminal session. View the ticket granting
ticket received during login by running klist. Renew the TGT by running
kinit -R.
Generate a keytab by running the following commands, substituting bob for
alice if you logged into JupyterHub with that user instead.
il
nt -password -p alice@KDC.LOCAL -k 1 -e rc4-hmac
/home/alice/.keytab
Show the contents of the keytab by running klist -k ~/.keytab.