Security issue with pam-krb5 ?

Brian Davidson bdavids1 at
Fri Aug 29 13:40:25 EDT 2003

On Thursday, August 28, 2003, at 03:54 PM, Sam Hartman wrote:
>     Brian> libpam-krb5 attempts to obtain a TGT from your KDC.
>     Brian> Successfully obtaining a TGT means you are authenticated.
> Actually, no, you need to verify this TGT against some known service
> principal like the local host key.
> Successfully obtaining a TGT only implies authentication if the user
> and a spoofed  KDC aren't cooperating.

Interesting.  I've used libpam-krb5 on a system which did not have a 
local host key, and it still worked for authentication.  Granted, it's 
not mutual-authentication, but if the KDC which responded is the real 
KDC, obtaining a TGT should be sufficient.

Now that you mention it, I do see the potential danger of a spoofed 
KDC...  host keys still aren't _required_ by libpam-krb5, as far as I 
know.  Am I missing something?


More information about the Kerberos mailing list