[6745] in Kerberos
Re: random_key(), ksrvutil, and /etc/krb-srvtab
daemon@ATHENA.MIT.EDU (Richard Basch)
Fri Feb 23 11:43:51 1996
Date: Fri, 23 Feb 1996 11:17:45 -0500
To: Dieter Dworkin Muller <dworkin@village.org>
Cc: kerberos@MIT.EDU
In-Reply-To: <199602231428.HAA00281@fountain.village.org>
From: "Richard Basch" <basch@lehman.com>
On Fri, 23-February-1996, "Dieter Dworkin Muller" wrote to "kerberos@MIT.EDU" saying:
> Since random_key() is purely time-based, ksrvutil used to use it, and
> ksrvutil is used to change the key on clients (stored in
> /etc/krb-srvtab), is it not also necessary to run "ksrvutil change" on
> each system that supports incoming Kerberized connections (rlogin,
> etc)? You know the time it was run from the last-write timestamp on
> the file....
>
> I'd love to hear that it's not, but I haven't been able to convince
> myself of it.
You are correct... If you believe that someone knows when the last
srvtab was generated using ksrvutil, then it is theoretically possible
that even with the new ksrvutil, the new srvtab could be compromised.
If you use the "get-srvtab" program, assuming you have set up the kadmin
server to trust your identity to do so, then the new keys will also have
been seeded by the Kerberos master key, thereby restoring security to
your srvtabs.
--
Richard Basch
Sr. Developer/Analyst
Lehman Brothers, Inc.
101 Hudson St., 33rd Floor
Jersey City, NJ 07302-3988
URL: http://web.mit.edu/basch/www/home.html
Email: basch@lehman.com, basch@mit.edu
Fax: +1-201-524-5828
Voice: +1-201-524-5049
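The point of the exchange above, as an added illustration that is not code from the original message, from ksrvutil, or from the Kerberos distribution: a key whose generator was seeded only from the clock can be recovered by anyone who knows roughly when it was made (the srvtab's last-write timestamp gives that away), whereas mixing in a secret the attacker lacks (the Kerberos master key, as the reply recommends via get-srvtab) defeats the same search. The two key-derivation functions are constructed stand-ins, not the real random_key(); the "key check" is an assumed oracle standing in for any value the attacker can obtain that was computed under the srvtab key. Key length, timestamps and the search window are constructed sample values.

```python
"""Added illustration: time-seeded key recovery vs. master-key seeding.
None of this is the Kerberos 4 implementation; the derivations below are
constructed stand-ins chosen to make the seed-space argument concrete."""
import hashlib
import os
import struct
from typing import Optional, Tuple

KEY_LEN = 8  # Kerberos 4 srvtabs hold DES keys, which are 8 bytes long


def time_seeded_key(seed_seconds: int) -> bytes:
    """Constructed stand-in for a purely time-based random_key():
    the only input to the generator is the wall-clock second."""
    return hashlib.sha256(struct.pack(">I", seed_seconds)).digest()[:KEY_LEN]


def master_seeded_key(master_key: bytes, seed_seconds: int, counter: int) -> bytes:
    """Constructed stand-in for a generator seeded with the Kerberos master
    key: the time may still be mixed in, but a correct guess now also needs
    the secret, so knowing the srvtab's mtime no longer helps."""
    material = master_key + struct.pack(">IQ", seed_seconds, counter)
    return hashlib.sha256(material).digest()[:KEY_LEN]


def key_check(key: bytes, challenge: bytes) -> bytes:
    """Assumed test oracle: some value that can only be reproduced with the
    right key (in practice, anything encrypted under the srvtab key that the
    attacker can observe). A keyed hash is used here for simplicity."""
    return hashlib.sha256(key + challenge).digest()[:KEY_LEN]


def recover_time_seeded_key(mtime: int, window_seconds: int, challenge: bytes,
                            expected: bytes) -> Optional[Tuple[int, bytes]]:
    """Attacker's search. ksrvutil wrote /etc/krb-srvtab at `mtime`, so the
    key was generated at most `window_seconds` before that; every candidate
    second is tried against the oracle, most recent first."""
    for t in range(mtime, mtime - window_seconds - 1, -1):
        candidate = time_seeded_key(t)
        if key_check(candidate, challenge) == expected:
            return t, candidate
    return None


if __name__ == "__main__":
    gen_time = 825092265          # constructed: 1996-02-23 16:17:45 UTC
    srvtab_mtime = gen_time + 2   # file written moments after key generation
    challenge = b"constructed challenge"

    weak = time_seeded_key(gen_time)
    hit = recover_time_seeded_key(srvtab_mtime, 3600, challenge,
                                  key_check(weak, challenge))
    print("time-seeded key recovered:", hit is not None and hit[1] == weak)

    strong = master_seeded_key(os.urandom(KEY_LEN), gen_time, 1)
    miss = recover_time_seeded_key(srvtab_mtime, 3600, challenge,
                                   key_check(strong, challenge))
    print("master-seeded key recovered:", miss is not None)
```

The search is linear in the size of the time window, so a one-hour uncertainty costs 3600 trial derivations; the file timestamp is what shrinks that window, which is why the original question treats the mtime of /etc/krb-srvtab as the attacker's starting point.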