Security issue with pam-krb5 ?

Sam Hartman hartmans at MIT.EDU
Fri Aug 29 16:09:21 EDT 2003

>>>>> "Brian" == Brian Davidson <bdavids1 at> writes:

    Brian> Interesting.  I've used libpam-krb5 on a system which did
    Brian> not have a local host key, and it still worked for
    Brian> authentication.  Granted, it's not mutual-authentication,
    Brian> but if the KDC which responded is the real KDC, obtaining a
    Brian> TGT should be sufficient.

Most implementation of libpam-krb5 run in two modes.  In the first
mode, they try to get credentials for the user being logged in.  IN
this mode, no verification happens, and the module is only a
convenience--running kinit to get tickets.  In the second mode,
verification is required and the module actually provides

Many implementations of libpam-krb5 use the existence of a host key to
determine which mode to run in.

More information about the Kerberos mailing list