Open Source Kerberos Tooling
KNC

Quick Description

KNC is Kerberised NetCat. It works in basically the same way as either netcat or stunnel, except that it uses GSS-API to secure the communication. You can use it to construct client/server applications quickly and easily while keeping the Kerberos libraries out of your program's address space.

KNC is used in the Kharon framework as well.

Let’s say that you want to allow a user “dood@EXAMPLE.ORG” to cat /var/log/messages on a server without logging in. You could write this simple shell script called show_log.sh:

#!/bin/sh

if [ X"$KNC_CREDS" != Xdood@EXAMPLE.ORG ]; then
        echo "Permission denied" 1>&2
        exit 1
fi

cat /var/log/messages

You can then run it as a daemon with:

$ KRB5_KTNAME=/path/to/your/keytab knc -l 3666 ./show_log.sh

And remotely connect to it like:

$ knc <service>@<host> 3666 | more

For more usage and examples, please refer to the man page (HTML, PDF) or look at some of our online examples.
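
The show_log.sh check above compares KNC_CREDS against a single hard-coded principal. The following added example (not part of the knc distribution or of this page's original text) generalizes it to an allow-list file and fails closed. The function name knc_authorized, the SHOW_LOG_ACL variable, the ACL path and the one-principal-per-line file format are assumptions made for this illustration.

```sh
#!/bin/sh
# Added example: authorize the principal that knc authenticated against
# an allow-list instead of one hard-coded name.

# knc_authorized PRINCIPAL ACL_FILE   (hypothetical helper)
# Returns 0 only if PRINCIPAL equals one non-comment ACL line exactly.
knc_authorized() {
        principal=$1
        acl=$2

        # Fail closed: no authenticated name, or no readable ACL.
        [ -n "$principal" ] || return 1
        [ -r "$acl" ] || return 1

        # grep -F treats each line of a multi-line pattern as a separate
        # pattern, so a name containing a newline must never reach it.
        case $principal in
        *"
"*)     return 1 ;;
        esac

        # Drop comments and blank lines, then match whole lines as fixed
        # strings: no prefix or suffix matches, and regex characters in
        # the name are inert.
        grep -v -e '^#' -e '^$' "$acl" | grep -Fxq -- "$principal"
}

main() {
        acl=${SHOW_LOG_ACL:-/usr/local/etc/show_log.acl}  # hypothetical path
        if ! knc_authorized "$KNC_CREDS" "$acl"; then
                echo "Permission denied" 1>&2
                exit 1
        fi
        cat /var/log/messages
}

# Serve only when started by knc, which supplies KNC_CREDS.
[ -z "${KNC_CREDS+set}" ] || main
```

It is started the same way as show_log.sh, for example with knc -l 3666 followed by the path to this script.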

Download

The current release is 1.7.1. It is now built using the autoconf framework.

Building

To build, just:

        $ ./configure
        $ make

Install it using “make install”.

The configure script is generated via automake, so it accepts the standard --prefix option if you wish to place the final product in a directory other than the default /usr/local/.

Current Development Sources

The current development sources can be obtained via git:

        $ git clone https://oskt.secure-endpoints.com/git/knc
or      $ git clone https://imrryr.org/git/knc
or      $ git clone https://github.com/elric1/knc

The current sources have been converted to use autoconf and libtool and so can be built and installed:

        $ git clone https://imrryr.org/git/knc
        $ cd knc
        $ autoreconf -f -i
        $ ./configure
        $ make
        $ make install

Please note that libknc does not yet have a stable interface and is subject to change. libknc also will not build by default unless one provides a magic flag.

Authors

Bill Squier and Roland C. Dowdeswell.

License

The code is licensed via a BSD/MIT style license.