
Re: Is a keytab file encrypted?

daemon@ATHENA.MIT.EDU (Russ Allbery)
Tue Jul 18 22:16:06 2017

From: Russ Allbery <eagle@eyrie.org>
To: Greg Hudson <ghudson@mit.edu>
In-Reply-To: <e311ecb2-ca59-4931-0823-22716eba54bc@mit.edu> (Greg Hudson's
	message of "Tue, 18 Jul 2017 14:12:49 -0400")
Date: Tue, 18 Jul 2017 19:15:41 -0700
Message-ID: <87wp75yxwy.fsf@hope.eyrie.org>
MIME-Version: 1.0
Cc: kerberos@mit.edu
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu

Greg Hudson <ghudson@mit.edu> writes:
> On 07/18/2017 12:48 PM, pratyush parimal wrote:

>> (2) Is it possible to export the key in encrypted form? If so, then how
>> does the service application open the encrypted keytab?

> The keytab file does not have any way to represent encrypted keys, and
> the kadmin protocol has no facility to export encrypted keys.  One
> could, in principle, design an out-of-band system which used
> kadmin.local to create a keytab, encrypt the file, transmit the
> encrypted keytab file to the server, and then decrypt the file on the
> server (into a memory filesystem, perhaps) before running the server
> application, but I've never heard of anyone doing that.

You have kind of a chicken and an egg problem, since in a typical Kerberos
environment the keytab *is* the core identity keys for an application.  If
it's encrypted, then you need some other unencrypted keys that *really*
represent the application, at which point why not use those keys for
Kerberos directly?

That said, if you had a private key in a TPM or some other sort of
tamper-resistant hardware, I could see wanting to hand out Kerberos
keytabs encrypted to the public key of the server.  But you'd have to
build the service to do key issuance that way yourself.  (It wouldn't be
horribly hard to build if you'd already done the work to build out the PKI
and its TPM component.)

But, even in that case, it's not clear to me what the keytab is then doing
for you versus just using the PKI and using PKINIT to get Kerberos
tickets.  There are probably some practical uses for introducing the extra
layer of complexity, but it's not obviously necessary.

-- 
Russ Allbery (eagle@eyrie.org)              <http://www.eyrie.org/~eagle/>
________________________________________________
Kerberos mailing list           Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
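The point made in the thread, that the keytab file "does not have any way to represent encrypted keys", can be seen directly in the file layout. What follows is an added example and not code from the thread, from MIT krb5 or from its authors: a small reader and writer for the documented 0x0502 keytab format (big-endian integers, each entry prefixed by a signed 32-bit length, negative lengths marking deleted slots, the key stored as raw bytes), run over constructed sample entries. It shows that the long-term key bytes are recoverable from the file with no secret at all, which is why the file's ownership and mode are its only protection. The helper names (build_keytab, parse_keytab, delete_entry, keys_in_clear), the sample principals and the sample key values are assumptions made for the illustration.

```python
"""Reader/writer for MIT keytab files, format version 0x0502.

Added illustration for the thread above; not code from MIT krb5.  Layout
follows the documented keytab format: every integer is big-endian, each
slot starts with a signed 32-bit length, a negative length marks a
deleted slot, and key material is stored as raw bytes.
"""
import struct
from dataclasses import dataclass

KEYTAB_MAGIC = b"\x05\x02"      # format version 0x0502
KRB5_NT_PRINCIPAL = 1           # name_type for ordinary principals


@dataclass
class KeytabEntry:
    realm: str
    components: list            # e.g. ["HTTP", "www.example.com"]
    name_type: int
    timestamp: int              # seconds since the epoch
    kvno: int
    enctype: int                # RFC 3961 number; 18 = aes256-cts-hmac-sha1-96
    key: bytes                  # raw long-term key, exactly as stored on disk

    @property
    def principal(self) -> str:
        return "/".join(self.components) + "@" + self.realm


def _octets(b: bytes) -> bytes:
    """counted_octet_string: uint16 length followed by the bytes."""
    return struct.pack(">H", len(b)) + b


def _counted(data: bytes, off: int):
    (n,) = struct.unpack_from(">H", data, off)
    off += 2
    return data[off:off + n], off + n


def _slots(data: bytes):
    """Yield (offset of the length field, signed length) for every slot."""
    off = 2
    while off + 4 <= len(data):
        (size,) = struct.unpack_from(">i", data, off)
        yield off, size
        off += 4 + abs(size)


def build_keytab(entries) -> bytes:
    """Serialise KeytabEntry records into a 0x0502 keytab image."""
    out = bytearray(KEYTAB_MAGIC)
    for e in entries:
        body = bytearray(struct.pack(">H", len(e.components)))
        body += _octets(e.realm.encode())
        for c in e.components:
            body += _octets(c.encode())
        body += struct.pack(">IIB", e.name_type, e.timestamp, e.kvno & 0xFF)
        body += struct.pack(">H", e.enctype) + _octets(e.key)   # keyblock
        body += struct.pack(">I", e.kvno)      # optional 32-bit kvno
        out += struct.pack(">i", len(body)) + body
    return bytes(out)


def parse_keytab(data: bytes):
    """Return the live entries of a keytab image; deleted slots are skipped."""
    if data[:2] != KEYTAB_MAGIC:
        raise ValueError("only keytab format 0x0502 is handled here")
    entries = []
    for pos, size in _slots(data):
        if size < 0:                            # hole left by a deletion
            continue
        off, end = pos + 4, pos + 4 + size
        (ncomp,) = struct.unpack_from(">H", data, off)
        off += 2
        realm, off = _counted(data, off)
        comps = []
        for _ in range(ncomp):
            c, off = _counted(data, off)
            comps.append(c.decode())
        name_type, timestamp, vno8 = struct.unpack_from(">IIB", data, off)
        off += 9
        (enctype,) = struct.unpack_from(">H", data, off)
        off += 2
        key, off = _counted(data, off)          # the key, in the clear
        kvno = vno8
        if end - off >= 4:                      # nonzero 32-bit kvno wins
            (vno32,) = struct.unpack_from(">I", data, off)
            if vno32:
                kvno = vno32
        entries.append(KeytabEntry(realm.decode(), comps, name_type,
                                   timestamp, kvno, enctype, key))
    return entries


def delete_entry(data: bytes, index: int) -> bytes:
    """Hypothetical helper: mark the index-th live entry deleted by negating
    its length, and zero-fill the slot so the key bytes do not linger."""
    live = [(pos, size) for pos, size in _slots(data) if size >= 0]
    pos, size = live[index]
    buf = bytearray(data)
    struct.pack_into(">i", buf, pos, -size)
    buf[pos + 4:pos + 4 + size] = bytes(size)
    return bytes(buf)


def keys_in_clear(data: bytes):
    """Principals whose raw key bytes appear verbatim in the image."""
    return [e.principal for e in parse_keytab(data) if e.key in data]


SAMPLE = [  # constructed values; these are not real keys
    KeytabEntry("EXAMPLE.COM", ["HTTP", "www.example.com"], KRB5_NT_PRINCIPAL,
                1500412800, 3, 18, bytes(range(32))),
    KeytabEntry("EXAMPLE.COM", ["host", "www.example.com"], KRB5_NT_PRINCIPAL,
                1500412800, 3, 17, bytes(range(16, 32))),
]

if __name__ == "__main__":
    image = build_keytab(SAMPLE)
    for e in parse_keytab(image):
        print(f"{e.principal} kvno={e.kvno} enctype={e.enctype} key={e.key.hex()}")
    print("keys readable with no secret:", keys_in_clear(image))
```

The parser needs nothing but the file to hand back every key, which is the practical meaning of "no way to represent encrypted keys": any encryption would have to be an outer layer of the kind the thread describes, and an unencrypted key to open it would still have to live somewhere on the server.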
