Use ssh key to acquire TGT?

Jeffrey Altman jaltman at secure-endpoints.com
Fri Jun 1 13:32:56 EDT 2007


Adam Megacz wrote:
> Thanks for taking the time to reply, Russ.
>
> Russ Allbery <rra at stanford.edu> writes:
>> PKINIT already exists and is already standardized,
>
> Hrm, last I checked there was no RFC, just an internet-draft.
RFC 4456
http://www.ietf.org/rfc/rfc4556.txt
>> so using X.509 certificates is much easier than using ssh private
>> keys.
>
> Perhaps for administrators it might be, but I would guess that there
> are at least 10x as many active ssh keys on the internet as X.509
> certificates even in spite of the latter having been around longer.
>
> But it shouldn't be hard to define a "default wrapping" for the ssh
> key material as an X.509 certificate.
PKINIT supports the use of raw keys. Self-signed certs would be just fine
too provided that the KDC administrator would be willing to accept them.
>> (such as how to communicate the TGT back to the client securely).
>
> The client would have to keep the equivalent of a "host key" for the
> KDC.  IMHO the usual "asymptotically secure" approach (no security on
> the first connection, but complain loudly if the key changes on any
> subsequent connection) would probably be good enough.
There is active discussion in the IETF Kerberos Working Group on new
pre-auth mechs.  Perhaps you should consider taking part.

I do want to state that as a KDC administrator I would have serious
concerns with the use of SSH keys as a method of authenticating a user
to my realm.  Users do not generate unique keys for hosts in separate
authentication domains.  They tend to re-use the same key everywhere.
They also tend to copy the private keys all over the place.  As a result
the risk of private key theft is high and there is no mechanism to know
what systems have been compromised once the theft has occurred.

Jeffrey Altman
Secure Endpoints Inc.
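The concern raised above, that users re-use one SSH key across separate authentication domains so a single theft exposes an unknown set of systems, is something a KDC or host administrator can at least measure before deciding whether to trust SSH keys for pre-authentication. The script below is an added example written for this archive page, not code from the thread or from any Kerberos or OpenSSH project. It assumes you have already collected authorized_keys contents from hosts in several domains (the sample contents and key bytes are constructed inline), computes the same SHA256 fingerprint format that `ssh-keygen -lf` prints, and reports every public key that appears in more than one domain.

```python
import base64
import hashlib
from collections import defaultdict

# Token prefixes that mark the key-type field of an authorized_keys line.
KEY_TYPE_PREFIXES = ("ssh-", "ecdsa-", "sk-")


def ssh_wire_string(data: bytes) -> bytes:
    """Encode bytes as an SSH wire-format string (4-byte big-endian length + data)."""
    return len(data).to_bytes(4, "big") + data


def make_key_line(key_type: str, raw_key: bytes, comment: str) -> str:
    """Build a constructed authorized_keys line whose blob decodes like a real one.

    Used only to fabricate sample data; the raw_key bytes are not real keys.
    """
    blob = ssh_wire_string(key_type.encode()) + ssh_wire_string(raw_key)
    return f"{key_type} {base64.b64encode(blob).decode()} {comment}"


def fingerprint(b64_blob: str) -> str:
    """Return the OpenSSH-style SHA256 fingerprint of a base64 key blob.

    OpenSSH hashes the decoded blob with SHA-256 and prints the digest as
    unpadded base64, prefixed with "SHA256:".
    """
    digest = hashlib.sha256(base64.b64decode(b64_blob)).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def parse_authorized_keys(text: str):
    """Yield (key_type, b64_blob, comment) for each key line in an authorized_keys file.

    Blank lines and '#' comments are skipped. A leading options field such as
    from="10.0.0.0/8",no-pty is tolerated by scanning for the key-type token
    (options containing whitespace inside quotes are not handled here).
    """
    entries = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        tokens = line.split()
        for i, tok in enumerate(tokens):
            if tok.startswith(KEY_TYPE_PREFIXES) and i + 1 < len(tokens):
                entries.append((tok, tokens[i + 1], " ".join(tokens[i + 2:])))
                break
    return entries


def find_reused_keys(collected):
    """Report keys present in more than one authentication domain.

    collected maps (domain, host) -> authorized_keys text. The result maps a
    fingerprint to the set of domains and the (domain, host, comment) places
    where that key was found, keeping only keys seen in two or more domains.
    """
    seen = defaultdict(lambda: {"domains": set(), "locations": []})
    for (domain, host), text in collected.items():
        for _key_type, blob, comment in parse_authorized_keys(text):
            try:
                fp = fingerprint(blob)
            except ValueError:
                continue  # malformed base64: skip rather than crash the audit
            seen[fp]["domains"].add(domain)
            seen[fp]["locations"].append((domain, host, comment))
    return {fp: info for fp, info in seen.items() if len(info["domains"]) > 1}


# Constructed sample: three hosts in three separate authentication domains.
# The key bytes are placeholders, not real keys.
ALICE_KEY = bytes(range(32))
BOB_KEY = bytes(32)
CAROL_KEY = bytes([7] * 32)

SAMPLE_COLLECTED = {
    ("corp.example", "bastion"): "\n".join([
        "# collected from the corp bastion (constructed sample)",
        make_key_line("ssh-ed25519", ALICE_KEY, "alice@laptop"),
        make_key_line("ssh-ed25519", BOB_KEY, "bob@desk"),
    ]),
    ("lab.example", "builder"): "\n".join([
        'from="10.0.0.0/8" ' + make_key_line("ssh-ed25519", ALICE_KEY, "alice@laptop"),
        make_key_line("ssh-ed25519", CAROL_KEY, "carol@vm"),
    ]),
    ("cloud.example", "web01"): "\n".join([
        make_key_line("ssh-ed25519", ALICE_KEY, "alice (copied key)"),
        make_key_line("ssh-ed25519", CAROL_KEY, "carol@vm"),
    ]),
}

if __name__ == "__main__":
    for fp, info in find_reused_keys(SAMPLE_COLLECTED).items():
        print(fp, "is authorized in domains:", sorted(info["domains"]))
        for domain, host, comment in info["locations"]:
            print("   ", domain, host, comment)
```

Because fingerprints are computed over the decoded blob, the same key is matched regardless of the comment field or any per-host options, which is what makes copied keys visible; the output tells an administrator which identities would need rotation everywhere if one private key were stolen, the gap the message above describes.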

