On 01/07/2019 12:21 PM, Robbie Harwood wrote:
> Always.  But like any security system, you have to set it up right.

Yep.

I'm trying to gain a working foundation of Kerberos to try to avoid doing blatantly bad things. I'm also looking to find more information and learn.

> No, communication isn't in the clear. It may provide some intuition of what Kerberos communicates (though it is no longer entirely technically accurate) to look at https://web.mit.edu/Kerberos/www/dialogue.html

Interesting read.

I watched a few videos about Kerberos over the holidays.

1)  Link - Basic Kerberos Authentication
     - https://www.youtube.com/watch?v=u7MQoSN19O4
2)  Link - Kerberos Delegation and Protocol Transition
     - https://www.youtube.com/watch?v=UGWP4ewxcTA
3)  Link - Kerberos Authentication on BIG-IP APM
     - https://www.youtube.com/watch?v=NDFJ7m8iaPA
4)  Link - 6.858 Fall 2014 Lecture 13: Kerberos
     - https://www.youtube.com/watch?v=bcWxLl8x33c

#4 is an 80-minute lecture from MIT. I found it and #1 to be quite informative about which entities the packets flow between.

> The biggest concern in a new Kerberos deployment is secrets being based on passwords. To varying degrees, this reduces the strength of the system as a whole to the strength of the passwords.

Yep.

I suspect the -randkey option when adding a principal is significantly better than a password.

I wonder if there is any possibility of users using a random key that is password protected. Thus using the password unlocking the random key that is used to secure communications. - I suspect that would make keys used for users as secure as -randkey for services, at least as far as brute forcing things. Of course you would need to protect the encrypted key. But that's a different issue.

> In the system proposed in the dialogue above, for instance, it's possible to observe an exchange and mount an offline dictionary attack against it. More information on mitigating that (which isn't too hard) can be found here: https://web.mit.edu/kerberos/krb5-devel/doc/admin/dictionary.html#dictionary

That's an interesting read.

I wonder if I should recreate my user principals (the few that exist in my test REALM) using "+requires_preauth -allow_svr".

I'll do some more reading on the other defenses / mitigations listed. You might have seen the exchange with Russ A. about FAST.

More reading.  More to learn.

> See above.

Sorry, I can't translate that to what your opinion is about using Kerberos between a LAN client (with a local KDC) and a web server across the Internet. (Thus the client <-> KDC interaction is on the LAN.)

I'll need to re-read the dialogue to track which communications are happening between which entities.

I'm trying to build a mental model / working understanding of which communications between KDC <-> client <-> server are sensitive and what is okay to send across the Internet. I /think/ that client <-> server is okay as part of SSH. - I'm trying to understand if the client <-> server is okay on its own, or if it's also relying on security offered by SSH. Mainly so that I can judge how safe it is to use for other protocols between the client and server (with or without other encryption).

I think the biggest issue is that I need to get the keytab to the server in a secure manner. I would expect that something like scp / sftp would suffice.

> It's worth mentioning that there are turnkey solutions for configuring entire identity management systems (i.e., including Kerberos) now. For instance, we develop FreeIPA ( https://www.freeipa.org/ ), which will mitigate these threats by default.

I was vaguely aware of FreeIPA. (I think) I now know more about FreeIPA. FreeIPA seems to be a purpose built Linux distribution that incorporates the technologies listed under Main features section of the link you provided.

I feel like FreeIPA is analogous to a Lego set that produces one particular structure using the aforementioned technologies as some of the Lego bricks. - I personally want to learn how to use the Lego bricks within my existing structures. I've already got LDAP, Kerberos, NTP, DNS, and SSSD working (to my satisfaction). So I'm reluctant to throw those integrated things out and introduce a new turn key appliance, namely a FreeIPA (V)M.

I do want to do some more looking at the Dogtag certificate system to see how it is used and how it integrates with Kerberos.

Thank you for the detailed reply Robbie.



--
Grant. . . .
unix || die


________________________________________________
Kerberos mailing list           Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
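Added example, not part of the message above and not code from Grant, Robbie or MIT krb5: a small POSIX sh wrapper around the kadmin.local commands the reply discusses (addprinc with +requires_preauth / -allow_svr for users, -randkey for services, modprinc to retrofit existing principals, ktadd to export a keytab), plus the keytab hand-off over SSH that the reply proposes. The realm EXAMPLE.COM, the host www.example.com, the user "grant" and root SSH access to the server are all assumptions for illustration; KADMIN=echo previews the generated kadmin commands without a KDC.

```shell
#!/bin/sh
# Added example for the Kerberos list thread; not from the thread or MIT krb5.
# Wraps MIT kadmin.local commands for a small test realm following the
# dictionary-attack mitigations in the MIT admin guide.
# Assumptions: realm EXAMPLE.COM, server www.example.com, run as root on the
# KDC. Set KADMIN=echo to preview the commands instead of running them.
set -eu

KADMIN="${KADMIN:-kadmin.local}"
REALM="${REALM:-EXAMPLE.COM}"

# User principal. +requires_preauth: the KDC will not hand out an AS-REP
# encrypted in the user's password-derived key to an unauthenticated requester.
# -allow_svr: no service tickets are issued *to* this principal, so nobody can
# request a ticket for it and crack that offline instead.
# Caveat: a passive eavesdropper can still attack the encrypted-timestamp
# preauth itself; FAST armoring (mentioned in the thread) addresses that.
# kadmin prompts for the password; never pass -pw on the command line.
add_user_principal() {
    user="$1"
    "$KADMIN" -q "addprinc +requires_preauth -allow_svr ${user}@${REALM}"
}

# Existing user principals need not be deleted and recreated: modprinc sets
# the same attribute flags in place.
harden_user_principal() {
    user="$1"
    "$KADMIN" -q "modprinc +requires_preauth -allow_svr ${user}@${REALM}"
}

# Service principal with a random key: there is no password to guess.
add_service_principal() {
    svc="$1"   # e.g. host/www.example.com or HTTP/www.example.com
    "$KADMIN" -q "addprinc -randkey ${svc}@${REALM}"
}

# Export the service key to a keytab. ktadd rolls a fresh random key (kvno
# increments), so export once and ship that file rather than re-running it.
export_keytab() {
    svc="$1"; keytab="$2"
    "$KADMIN" -q "ktadd -k ${keytab} ${svc}@${REALM}"
}

# Move the keytab to the server over SSH, lock down its mode, and remove the
# local copy. The keytab *is* the service's long-term key, so both the
# transport (scp) and the file permissions on the far side matter.
install_keytab() {
    keytab="$1"; host="$2"; dest="${3:-/etc/krb5.keytab}"
    scp -p "$keytab" "root@${host}:${dest}"
    ssh "root@${host}" "chmod 600 '${dest}' && chown root:root '${dest}'"
    shred -u "$keytab" 2>/dev/null || rm -f "$keytab"
}

# On the server: prove the keytab authenticates with no password involved.
verify_keytab() {
    svc="$1"; keytab="${2:-/etc/krb5.keytab}"
    klist -kte "$keytab"
    kinit -kt "$keytab" "${svc}@${REALM}"
    klist
    kdestroy
}

# Example sequence, run only as: sh krb-bootstrap.sh demo
if [ "${1:-}" = "demo" ]; then
    add_user_principal grant
    add_service_principal host/www.example.com
    export_keytab host/www.example.com /root/www.keytab
    install_keytab /root/www.keytab www.example.com
fi
```

To check what would be sent to kadmin before touching a real KDC, run it with KADMIN=echo; the functions read the variable at call time, so the same file can be sourced into an interactive shell and the steps run one at a time.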
