[38088] in Kerberos
Re: question about kdb5_util dump format
daemon@ATHENA.MIT.EDU (Greg Hudson)
Thu Oct 26 11:25:53 2017
To: Jerry Shipman <jes59@cornell.edu>, "kerberos@mit.edu" <kerberos@mit.edu>
From: Greg Hudson <ghudson@mit.edu>
Message-ID: <6ecf9bba-400b-3211-8c84-63e777b034cd@mit.edu>
Date: Thu, 26 Oct 2017 11:25:36 -0400
MIME-Version: 1.0
In-Reply-To: <4AAC4218-0C24-44BC-A840-7D5DA1C1F54F@cornell.edu>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
On 10/26/2017 10:57 AM, Jerry Shipman wrote:
> If the key blob is different (for the same ciphers), does it for sure mean that the passwords are different? Or is it maybe salted with the kvno or something? (I thought the salt was predictable -- realm, or principal name, or nothing -- which would be the same for the different keys. And it would almost have to be the same, in order for the history to work?)
The key blob in the dump file is encrypted with the master key. This
encryption is non-deterministic (it uses a random confounder), so the
key blobs in the dump file should pretty much always be different when
the key changes, even to the same password. The size should generally
be the same, though, even if the passwords were different. If the key
blobs are really of different sizes, I would be interested in knowing
the enctype
The salt is normally deterministic, unless the "special" salt type is
used. The kvno is never included in the salt.
> I don't understand this at all, but I sort of naively expected that all keys of a certain cipher type would be the same size. Why is the one larger? Maybe does it contain the old key history in there? or something else? (I know the key history is stored somewhere...)
The key history is stored within a tl_data entry of type 3 (aka
KRB5_TL_KADM_DATA). tl-data comes before key data in a dump record, so
you might be looking at that.
> Is there something reasonable I can do to definitively find out whether the user's old and new passwords are the same?
In principle one could (or could determine why kadmind can't tell
whether they are different), but we don't have the tooling to make it easy.
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
