[38031] in Kerberos
Re: Is a keytab file encrypted?
daemon@ATHENA.MIT.EDU (Russ Allbery)
Fri Jul 21 15:42:56 2017
From: Russ Allbery <eagle@eyrie.org>
To: Charles Hedrick <hedrick@rutgers.edu>
In-Reply-To: <A6886DC9-B31F-466E-AAFD-C6C63515027A@rutgers.edu> (Charles
Hedrick's message of "Fri, 21 Jul 2017 15:13:54 +0000")
Date: Fri, 21 Jul 2017 12:42:38 -0700
Message-ID: <871sp9lgpd.fsf@hope.eyrie.org>
MIME-Version: 1.0
Cc: "kerberos@mit.edu" <kerberos@mit.edu>
Content-Type: text/plain; charset="utf-8"
Errors-To: kerberos-bounces@mit.edu
Content-Transfer-Encoding: 8bit
Charles Hedrick <hedrick@rutgers.edu> writes:
> The argument makes sense.
> However I am disturbed by the fact that a keytab can be used
> anywhere. If someone manages to become root on one machine, I’d like
> them not to be able to do things on other machines. I’m in an
> environment where we have systems administered by users, and unattended
> public workstations.
> That makes me unwilling to tell users to create key tables for cron
> jobs.
Yeah, if you're worried about portable keys, that's when you probably want
to do something with a system TPM. If you go down that path, I'd probably
try to figure out some way to do PKINIT using a TLS certificate stored in
the TPM. I'm not aware of anyone who has already done that work, but it
would be a pretty interesting project.
--
Russ Allbery (eagle@eyrie.org) <http://www.eyrie.org/~eagle/>
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
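The point under discussion, that a keytab is not encrypted and so whoever can read the file holds the long-term key outright, can be seen directly from the file layout. The following is an added example, not code from the thread or from MIT Kerberos: a parser for the MIT keytab container format (version 0x0502), run over a keytab constructed inline with an assumed principal, an assumed 16-byte aes128-cts key and one deleted slot. The format assumptions (big-endian sizes, counted strings, the 32-bit kvno trailer) follow the MIT keytab layout; the sample key and principal are made up.

```python
"""Walk an MIT keytab (format 0x0502) and show the key bytes sit in the clear.

Added example: the keytab bytes are constructed below, not read from a system.
"""
import struct
from dataclasses import dataclass


@dataclass
class KeytabEntry:
    principal: str
    name_type: int
    timestamp: int
    kvno: int
    enctype: int
    key: bytes


def _counted(buf: bytes, off: int):
    """Read a 16-bit length-prefixed octet string; return (bytes, new offset)."""
    (n,) = struct.unpack_from(">H", buf, off)
    off += 2
    return buf[off:off + n], off + n


def parse_keytab(data: bytes):
    """Parse every live entry; negative sizes mark deleted slots and are skipped."""
    if data[:2] != b"\x05\x02":
        raise ValueError("unsupported keytab version %r" % data[:2])
    entries, off = [], 2
    while off < len(data):
        (size,) = struct.unpack_from(">i", data, off)
        off += 4
        if size < 0:            # deleted slot of abs(size) bytes
            off += -size
            continue
        if size == 0:           # zero-length tail: nothing more to read
            break
        body, p = data[off:off + size], 0
        off += size
        (ncomp,) = struct.unpack_from(">H", body, p); p += 2   # v2: realm not counted
        realm, p = _counted(body, p)
        comps = []
        for _ in range(ncomp):
            c, p = _counted(body, p)
            comps.append(c.decode())
        name_type, timestamp, vno8 = struct.unpack_from(">IIB", body, p); p += 9
        enctype, klen = struct.unpack_from(">HH", body, p); p += 4
        key = body[p:p + klen]; p += klen              # raw key, no wrapping
        kvno = vno8
        if len(body) - p >= 4:                          # optional 32-bit kvno
            (vno32,) = struct.unpack_from(">I", body, p)
            if vno32:
                kvno = vno32
        entries.append(KeytabEntry("/".join(comps) + "@" + realm.decode(),
                                   name_type, timestamp, kvno, enctype, key))
    return entries


def build_entry(principal: str, key: bytes, enctype: int, kvno: int,
                timestamp: int, name_type: int = 1) -> bytes:
    """Serialise one entry in the same layout, for constructing the sample."""
    name, realm = principal.rsplit("@", 1)
    comps = name.split("/")
    body = struct.pack(">H", len(comps))
    body += struct.pack(">H", len(realm)) + realm.encode()
    for c in comps:
        body += struct.pack(">H", len(c)) + c.encode()
    body += struct.pack(">IIB", name_type, timestamp, kvno & 0xFF)
    body += struct.pack(">HH", enctype, len(key)) + key
    body += struct.pack(">I", kvno)
    return struct.pack(">i", len(body)) + body


# Constructed sample: an assumed host principal with an assumed aes128-cts key
# (enctype 17), preceded by one deleted 8-byte slot.
SAMPLE_KEY = bytes(range(16))
SAMPLE_KEYTAB = (b"\x05\x02"
                 + struct.pack(">i", -8) + b"\x00" * 8
                 + build_entry("host/www.example.com@EXAMPLE.COM",
                               SAMPLE_KEY, 17, 3, 1500000000))


def key_in_clear(keytab: bytes, key: bytes) -> bool:
    """True if the raw key bytes appear verbatim in the file: no decryption needed."""
    return key in keytab


if __name__ == "__main__":
    for e in parse_keytab(SAMPLE_KEYTAB):
        print(e.principal, "kvno", e.kvno, "enctype", e.enctype, e.key.hex())
    print("raw key present in file:", key_in_clear(SAMPLE_KEYTAB, SAMPLE_KEY))
```

Nothing in the walk above derives, unwraps or decrypts anything; the key is copied straight out of the record, which is exactly why a keytab copied off one host works unchanged on any other.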