Assumptions and Prerequisites

On this page

Depending on your Kerberos environment, some of the instructions may require changes to adhere to your realm’s configuration.

Prerequisites

Understanding of Kerberos concepts and how to administer a realm.
A cluster running SingleStore version 5.7.4 or later.
SingleStore Client: Typically installed on the main deployment host when deploying SingleStore. Instructions for installing the client are also included in the configuration process.
The SingleStore ODBC Driver: The SingleStore ODBC Driver supports Kerberos/GSSAPI authentication. For additional ODBC, JDBC, and C++ clients that you can use to authenticate SingleStore users, refer to Connect with Application Development Tools.
GSSAPI Authentication Plugin: In addition to the SingleStore client and ODBC Driver, you must also have the GSSAPI authentication plugin available on the connecting host. The plugin is referenced in the connection string when connecting with a client or connector. The GSSAPI plugin is packaged with the SingleStore ODBC Driver, download its latest version. Once downloaded, the plugin is located in a path such as singlestore-odbc-connector-<version>/plugins directory for Linux/Unix and it is installed with the driver for Windows. For more information, refer to The SingleStore ODBC Driver.

Last modified: June 5, 2024

Was this article helpful?

Verification instructions

Note: You must install cosign to verify the authenticity of the SingleStore file.

Use the following steps to verify the authenticity of singlestoredb-server, singlestoredb-toolbox, singlestoredb-studio, and singlestore-client SingleStore files that have been downloaded.

You may perform the following steps on any computer that can run cosign, such as the main deployment host of the cluster.

(Optional) Run the following command to view the associated signature files.
Shell
```
curl undefined
```
Download the signature file from the SingleStore release server.
- Option 1: Click the Download Signature button next to the SingleStore file.
- Option 2: Copy and paste the following URL into the address bar of your browser and save the signature file.
- Option 3: Run the following command to download the signature file.
  Shell
```
curl -O undefined
```

After the signature file has been downloaded, run the following command to verify the authenticity of the SingleStore file.

Shell

echo -n undefined |
    cosign verify-blob --certificate-oidc-issuer https://oidc.eks.us-east-1.amazonaws.com/id/CCDCDBA1379A5596AB5B2E46DCA385BC \
      --certificate-identity https://kubernetes.io/namespaces/freya-production/serviceaccounts/job-worker \
      --bundle undefined \
      --new-bundle-format -

Verified OK