When using --negotiate with curl, is a keytab file required?

Question

The documentation describing how to connect to a kerberos secured endpoint shows the following:

curl -i --negotiate -u : \"http://:/w         


        

Answer 1

1. Check curl version

   $ curl -V - It should support the feature "GSS-Negotiate"

2. Login using kinit

   $ kinit

3. Use curl

   $ curl --negotiate -u : -b ~/cookiejar.txt -c ~/cookiejar.txt http://localhost:14000/webhdfs/v1/?op=liststatus

   "--negotiate" option enables SPNEGO

   "-u" option is required but ignored (the principle specified during kinit is used)

   "-b" & "-c" options are used to store and send http cookies.