Using keytab file to authenticate with kerberos to PostgreSQL on a RHEL 8.4 client

  • 25 August 2021
  • 2 replies

Userlevel 1
Badge +5

Hi all,

I thought this was an interesting question and cannot find any prior reference or support document for it.

We are protecting several postgresql DBs with the postgresql agent on RHEL 8.  A third party operates this system and have implemented kerberos authentication for all user accounts to meet strict compliance requirements. 

I have been asked if we can configure the postresql agent to use a keytab file to authenticate with the postgresql server.

User accounts for postgresql reference.

I’ve seen that CV supports keytab files for other solutions like Hadoop so I’m wondering if there is an undocumented but supported method to apply this configuration.

Our versions are:

Commserve, Mediaagents, linux client & postgresql agent 11.20.46 (will be updated on 11.20.* path soon)

RHEL 8.4

krb5-libs.x86_64                              1.18.2-8.el8                              @rhel-8-for-x86_64-baseos-rpms
krb5-server.x86_64                            1.18.2-8.el8                              @rhel-8-for-x86_64-baseos-rpms
krb5-workstation.x86_64                       1.18.2-8.el8                              @rhel-8-for-x86_64-baseos-rpms
sssd-krb5.x86_64                              2.4.0-9.el8                               @rhel-8-for-x86_64-baseos-rpms
sssd-krb5-common.x86_64                       2.4.0-9.el8                               @rhel-8-for-x86_64-baseos-rpms



Best answer by Sunil 25 August 2021, 13:49

View original

2 replies

Userlevel 5
Badge +13

Hi @SLodge_IW 

This is not supported yet for PostgreSQL.




Userlevel 1
Badge +5

Thanks for the quick response Sunil.