host/*@REALM tickets with ssh, DNS

Jason Garman jgarman at wedgie.org
Fri Aug 9 13:45:51 EDT 2002


On Fri, Aug 09, 2002 at 06:26:43PM +0100, Dennis Davis wrote:
> 
> Probably nothing wrong.  I've often seen this with KerberosIV and
> some KerberosV code contains comments that indicate that this will
> happen.  To quote:
> 
>  * Verify the Kerberos ticket-granting ticket just retrieved for the
>  * user.  If the Kerberos server doesn't respond, assume the user is
>  * trying to fake us out (since we DID just get a TGT from what is
>  * supposedly our KDC). If the host/<host> service is unknown (i.e.,
>  * the local keytab doesn't have it), return success but log the error.
> 
Simply requesting a TGT for the user and attempting decryption with the
given password (when using Kerberos password authentication) makes your
server vulnerable to a man-in-the-middle attack.  Namely, an attacker can
set up a "fake" KDC and race the real KDC when sending the AS_REQ message,
so that the attacker can log in to any authorized Kerberos principal with
a password of his choosing.

By requesting a host ticket from the KDC for itself (using the user's
TGT), and verifying that the service key returned by the KDC matches the
one in its local keytab, this attack can be prevented.

-- 
Jason Garman / jgarman at wedgie.org
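As an added illustration (not code from the thread), a simplified model of the two login flows described in the message above: accepting the AS-REP alone, versus also requesting a host/<host> ticket and checking that it opens with the key in the local keytab. "Sealing" stands in for Kerberos encryption, and the principal names, passwords and keys are constructed for the example.

```python
import hashlib, hmac, os

# Sealing stands in for Kerberos encryption: a blob opens only under the key
# it was sealed with (HMAC tag + message; confidentiality is not modelled).
def string2key(password):
    return hashlib.sha256(password.encode()).digest()

def seal(key, msg):
    return hmac.new(key, msg, hashlib.sha256).digest() + msg

def unseal(key, blob):
    tag, msg = blob[:32], blob[32:]
    ok = hmac.compare_digest(tag, hmac.new(key, msg, hashlib.sha256).digest())
    return msg if ok else None

class RealKdc:
    def __init__(self, keys):          # principal name -> long-term key
        self.keys, self.krbtgt = keys, os.urandom(32)
    def as_req(self, client):          # AS-REP: session key + TGT, under client key
        session = os.urandom(32)
        tgt = seal(self.krbtgt, client.encode() + session)
        return seal(self.keys[client], session + tgt)
    def tgs_req(self, tgt, service):   # TGS-REP: service ticket under service key
        session = unseal(self.krbtgt, tgt)[-32:]
        ticket = seal(self.keys[service], b"ticket for " + service.encode())
        return seal(session, ticket)

class FakeKdc:
    """Rogue KDC that wins the race; it knows only the password it chose."""
    def __init__(self, chosen_password):
        self.key, self.session = string2key(chosen_password), os.urandom(32)
    def as_req(self, client):
        return seal(self.key, self.session + b"bogus tgt")
    def tgs_req(self, tgt, service):   # cannot seal under the real host key
        return seal(self.session, seal(os.urandom(32), b"forged ticket"))

def login_unverified(kdc, user, password):
    """Accept the login if the AS-REP opens with the password-derived key."""
    return unseal(string2key(password), kdc.as_req(user)) is not None

def login_verified(kdc, user, password, keytab_key, host_princ):
    """Also fetch the host/<host> ticket and check it opens with the keytab key."""
    rep = unseal(string2key(password), kdc.as_req(user))
    if rep is None:
        return False
    session, tgt = rep[:32], rep[32:]
    tgs_rep = unseal(session, kdc.tgs_req(tgt, host_princ))
    return tgs_rep is not None and unseal(keytab_key, tgs_rep) is not None
```

With a real KDC both flows accept the correct password; against the rogue KDC only the unverified flow accepts the attacker's chosen password, because the forged host ticket does not open with the keytab key.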
