[16714] in Kerberos_V5_Development
Re: Automatically randomizing principal keys (in preauth plugin)
daemon@ATHENA.MIT.EDU (Luke Howard)
Wed Mar 23 07:59:32 2011
From: Luke Howard <lukeh@padl.com>
In-Reply-To: <x8q7hbqcawx.fsf@mantis.cs.huji.ac.il>
Date: Wed, 23 Mar 2011 22:58:23 +1100
Message-Id: <242BDF49-BB2A-4D8A-A5FE-EE42A39199B8@padl.com>
To: Yair Yarom <irush@cs.huji.ac.il>
Cc: krbdev@mit.edu
> My problem is with the krbPrincipalKey. If it's missing or empty, the
> kdc won't authorize the user (even though the preauth succeeded). So as
> I see it I have two basic options (besides using kadmin):
>
> 1. Have the preauth plugin check if there's a key available, and if not
> create a random one and insert it into the database. Is this
> possible? If so how and where in the plugin should I do it?
>
> 2. Have all users have the same static (random) key. Here the question
> is how insecure is it? i.e. I force the use of my preauth plugin as
> it's the only one installed that provides HW authentication
> (allegedly). So is this key actually used anywhere?
>
> Any other suggestion would be appreciated.
What about fixing the real problem, which appears to be that the KDC (or KDB library) requires the user to have a key?
(True, this won't work if you can't recompile the KDC.)
-- Luke
_______________________________________________
krbdev mailing list krbdev@mit.edu
https://mailman.mit.edu/mailman/listinfo/krbdev
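The quoted question asks whether the static key of option 2 is "actually used anywhere". It is: in the AS exchange the KDC seals the AS-REP enc-part (which carries the TGT session key) with the client's long-term key unless the preauth mechanism has replaced the reply key (RFC 4120; reply-key replacement is described in RFC 6113). The following Python model is an added illustration, not part of this thread and not MIT krb5 code. It uses a constructed toy cipher (HMAC-SHA256 keystream plus tag), a constructed principal database, and a hypothetical `PreauthResult.reply_key` field standing in for a mechanism-supplied reply key; it shows why a key shared by every principal lets any holder of that key read every other principal's reply, why the "no key" case is rejected, and one way (assumed here, in the spirit of Luke's suggestion) a KDC could drop the long-term-key requirement when the mechanism supplies the reply key.

```python
"""Toy model of where a principal's long-term key is used in the AS exchange.
Constructed for illustration: not MIT krb5 code and not real Kerberos
encryption types. The 'cipher' is an HMAC-SHA256 keystream with an HMAC tag,
used only so the example runs offline."""
import hashlib
import hmac
import os
from dataclasses import dataclass
from typing import Dict, Optional


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    out = b""
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def toy_seal(key: bytes, plaintext: bytes) -> bytes:
    """Constructed stand-in for encrypting the AS-REP enc-part: nonce || ct || tag."""
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    tag = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def toy_open(key: bytes, blob: bytes) -> Optional[bytes]:
    """Returns the plaintext, or None when the key does not match (tag check fails)."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        return None
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct))))


@dataclass
class PreauthResult:
    """Hypothetical plugin result. reply_key is set only when the mechanism
    itself supplies the reply key (PKINIT-style), an assumption of this model."""
    verified: bool
    reply_key: Optional[bytes] = None


def as_exchange(db: Dict[str, Optional[bytes]], principal: str, preauth: PreauthResult) -> dict:
    """Minimal AS exchange: the reply key is the principal's long-term key
    unless preauth replaced it, and a successful preauth alone is not enough."""
    if not preauth.verified:
        return {"ok": False, "reason": "preauth failed"}
    reply_key = preauth.reply_key if preauth.reply_key is not None else db.get(principal)
    if reply_key is None:
        # The situation described in the thread: preauth passed, but there is
        # nothing to seal the reply with, so the request is rejected.
        return {"ok": False, "reason": "no key for principal"}
    session_key = os.urandom(32)  # what the TGT session key stands for here
    return {"ok": True, "session_key": session_key, "enc_part": toy_seal(reply_key, session_key)}


def demo() -> dict:
    verified = PreauthResult(verified=True)

    # Option 2 from the thread: every principal holds the same static key.
    shared = os.urandom(32)
    shared_db = {"alice": shared, "bob": shared}
    rep = as_exchange(shared_db, "alice", verified)
    bob_reads_alice = toy_open(shared_db["bob"], rep["enc_part"]) == rep["session_key"]

    # Option 1: per-principal random keys; bob's key cannot open alice's reply.
    random_db = {"alice": os.urandom(32), "bob": os.urandom(32)}
    rep2 = as_exchange(random_db, "alice", verified)
    bob_reads_alice_random = toy_open(random_db["bob"], rep2["enc_part"]) is not None

    # Missing krbPrincipalKey: rejected even though preauth succeeded.
    rep3 = as_exchange({"alice": None}, "alice", verified)

    # Assumed fix direction: the mechanism supplies the reply key, so no
    # long-term key needs to exist in the database at all.
    mech_key = os.urandom(32)
    rep4 = as_exchange({"alice": None}, "alice", PreauthResult(True, reply_key=mech_key))
    mech_ok = rep4["ok"] and toy_open(mech_key, rep4["enc_part"]) == rep4["session_key"]

    return {
        "shared_key_leaks_session": bob_reads_alice,
        "random_key_leaks_session": bob_reads_alice_random,
        "no_key_reason": rep3["reason"],
        "mech_key_ok": mech_ok,
    }


if __name__ == "__main__":
    print(demo())
```

The model's point for the thread: a shared static key is not "unused", it is the one secret standing between any principal and every other principal's session key, so per-principal random keys (option 1) or a KDC that accepts a mechanism-supplied reply key are the only choices that keep the AS-REP confidential per user.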