Question about keytabs and ktutil

Brian Candler B.Candler at pobox.com
Thu Dec 23 13:53:50 EST 2010 

Could someone please explain to me why there needs to be a separate entry in
the keytab for each encryption type which might be encountered?  Is the key
somehow partially-processed before it is stored?

In some circumstances I'd like to add a principal in the KDC with a
manually-chosen passphrase, and enter the same passphrase into a keytab at
the host side, rather than use kadmin on that host or use kadmin on another
host and then copy the keytab across.

But ktutil makes it clear that separate entries are needed for each
encryption type:

    $ ktutil
    ktutil:  addent -password -p HTTP/foo.example.com -k 4 -e aes256-cts
    Password for HTTP/foo.example.com at EXAMPLE.COM: 
    ktutil:  addent -password -p HTTP/foo.example.com -k 4 -e arcfour-hmac
    Password for HTTP/foo.example.com at EXAMPLE.COM: 
    ktutil:  addent -password -p HTTP/foo.example.com -k 4 -e des3-hmac-sha1
    Password for HTTP/foo.example.com at EXAMPLE.COM: 
    wkt /etc/apache2/krb5/krb5.keytab

and I was just wondering what's the fundamental constraint which means this
is necessary.

(It might also be convenient if ktutil could ask for the passphrase once and
create multiple entries for the different ciphers, but that's a different
point)

---+++---

Supplementary question about allow_weak_crypto.

I'm running mit 1.8.1 under Ubuntu 10.04.1 LTS, with mostly out-of-the-box
config. I don't have allow_weak_crypto in /etc/krb5.conf. kdc.conf was
autogenerated by debconf at install time:

[kdcdefaults]
    kdc_ports = 750,88

[realms]
    EXAMPLE.COM = {
        database_name = /var/lib/krb5kdc/principal
        admin_keytab = FILE:/etc/krb5kdc/kadm5.keytab
        acl_file = /etc/krb5kdc/kadm5.acl
        key_stash_file = /etc/krb5kdc/stash
        kdc_ports = 750,88
        max_life = 10h 0m 0s
        max_renewable_life = 7d 0h 0m 0s
        master_key_type = des3-hmac-sha1
        supported_enctypes = aes256-cts:normal arcfour-hmac:normal des3-hmac-sha1:normal des-cbc-crc:normal des:normal des:v4 des:norealm des:onlyrealm des:afs3
        default_principal_flags = +preauth
    }

Now, if I create a principal in kadmin and look at it with getprinc, it
tells me it has 8 keys, including those weak ciphers listed in
supported_enctypes.

Number of keys: 8
Key: vno 4, AES-256 CTS mode with 96-bit SHA-1 HMAC, no salt
Key: vno 4, ArcFour with HMAC/md5, no salt
Key: vno 4, Triple DES cbc mode with HMAC/sha1, no salt
Key: vno 4, DES cbc mode with CRC-32, no salt
Key: vno 4, DES cbc mode with RSA-MD5, Version 4
Key: vno 4, DES cbc mode with RSA-MD5, Version 5 - No Realm
Key: vno 4, DES cbc mode with RSA-MD5, Version 5 - Realm Only
Key: vno 4, DES cbc mode with RSA-MD5, AFS version 3

So does this mean a KDC will still generate keys for weak algorithms, but
won't actually use them unless allow_weak_crypto=true ?

Thanks,

Brian.

More information about the Kerberos mailing list