On 3/4/19 11:45 AM, Yegui Cai wrote: > 1. If I have multiple tenants sharing the same KDC (say, a tenant is mapped > into a realm), how KDC make sure that the data is segregated between realms?
The best option is probably to run separate KDC processes for each realm, with each process listening to a different port. It is possible for a single KDC process to serve multiple realms, but it is not a common configuration, and kadmind doesn't have the same facility. In this configuration, each realm still has its own separate database, and the KDC will only access the database for the request that is currently processing (based on the realm field of the KDC-REQ-BODY). > 2. Similar questions regarding logs. Is there any way to segregate logs > between different realms? With separate KDC processes, each can have its own kdc.conf file with different [logging] directives. With one KDC process serving multiple realms, I don't believe there is any way to keep the logs separate. > 3. If I use the default data storage (Berkeley DB if my understanding is > correct), how data is encrypted at rest? Principal long-term keys are encrypted in a master key; the master key is typically located in a stash file separate from the KDB so that it can be backed up more securely (or not at all). Other principal metadata is not encrypted. ________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos
