Kerberos n00b question.

Grant Taylor gtaylor at tnetconsulting.net
Mon Jan 7 20:03:34 EST 2019


On 01/07/2019 12:21 PM, Robbie Harwood wrote:
> Always.  But like any security system, you have to set it up right.

Yep.

I'm trying to gain a working foundation of Kerberos to try to avoid 
doing blatantly bad things.  I'm also looking to find more information 
and learn.

> No, communication isn't in the clear.  It may provide some intuition 
> of what Kerberos communicates (though is no longer entirely technically 
> accurate) to look at https://web.mit.edu/Kerberos/www/dialogue.html

Interesting read.

I watched a few videos about Kerberos over the holidays.

1)  Link - Basic Kerberos Authentication
      - https://www.youtube.com/watch?v=u7MQoSN19O4
2)  Link - Kerberos Delegation and Protocol Transition
      - https://www.youtube.com/watch?v=UGWP4ewxcTA
3)  Link - Kerberos Authentication on BIG-IP APM
      - https://www.youtube.com/watch?v=NDFJ7m8iaPA
4)  Link - 6.858 Fall 2014 Lecture 13: Kerberos
      - https://www.youtube.com/watch?v=bcWxLl8x33c

#4 is an 80 minute lecture from MIT.  I found it and #1 to be quite 
informative about where packets flow between.

> The biggest concern in a new Kerberos deployment is secrets being 
> based on passwords.  To varying degrees, this reduces the strength of 
> the system as a whole to the strength of the passwords.

Yep.

I suspect the -randkey option when adding a principal is significantly 
better than a password.

I wonder if there is any possibility of users using a random key that is 
password protected.  Thus the password would unlock the random key 
that is used to secure communications.  -  I suspect that would make 
keys used for users as secure as -randkey for services, at least as far 
as brute forcing things.  Of course you would need to protect the 
encrypted key.  But that's a different issue.

> In the system proposed in the dialogue above, for instance, 
> it's possible to observe an exchange and mount an offline 
> dictionary attack against it.  More information on 
> mitigating that (which isn't too hard) can be found here: 
> https://web.mit.edu/kerberos/krb5-devel/doc/admin/dictionary.html#dictionary

That's an interesting read.

I wonder if I should recreate my user principals (the few that exist in 
my test REALM) using "+requires_preauth -allow_svr".

I'll do some more reading on the other defenses / mitigations listed. 
You might have seen the exchange with Russ A. about FAST.

More reading.  More to learn.

> See above.

Sorry, I can't translate that to what your opinion is about using 
Kerberos between a LAN client (with a local KDC) and a web server across 
the Internet.  (Thus the client <-> KDC interaction is on the LAN.)

I'll need to re-read the dialogue to track what communications are happening 
between what entities.

I'm trying to build a mental model / working understanding of which 
communications between KDC <-> client <-> server are sensitive and what 
is okay to send across the Internet.  I /think/ that client <-> server 
is okay as part of SSH.  -  I'm trying to understand if the client <-> 
server is okay on its own, or if it's also relying on security offered 
by SSH.  Mainly so that I can judge how safe it is to use for other 
protocols between the client and server (with or without other encryption).

I think the biggest issue is that I need to get the keytab to the server 
in a secure manner.  I would expect that something like scp / sftp would 
suffice.

> It's worth mentioning that there are turnkey solutions for configuring 
> entire identity management systems (i.e., including Kerberos) now. 
> For instance, we develop FreeIPA ( https://www.freeipa.org/ ), which 
> will mitigate these threats by default.

I was vaguely aware of FreeIPA.  (I think) I now know more about 
FreeIPA.  FreeIPA seems to be a purpose-built Linux distribution that 
incorporates the technologies listed under the Main features section of the 
link you provided.

I feel like FreeIPA is analogous to a Lego set that produces one 
particular structure using the aforementioned technologies as some of 
the Lego bricks.  -  I personally want to learn how to use the Lego 
bricks within my existing structures.  I've already got LDAP, Kerberos, 
NTP, DNS, and SSSD working (to my satisfaction).  So I'm reluctant to 
throw those integrated things out and introduce a new turnkey 
appliance, namely a FreeIPA (V)M.

I do want to do some more looking at the Dogtag certificate system to 
see how it is used and how it integrates with Kerberos.

Thank you for the detailed reply, Robbie.



-- 
Grant. . . .
unix || die
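An added example, not part of Grant's or Robbie's messages and not MIT krb5 code: a small POSIX shell audit that parses the `Principal:` / `Attributes:` lines of `kadmin.local getprinc` output and reports principals that still lack REQUIRES_PRE_AUTH (the defense against the offline dictionary attack discussed above), plus user principals that lack DISALLOW_SVR. The sample output, the EXAMPLE.COM realm and its principal names are constructed here, and the rule "a principal name without a `/` is a user principal" is an assumption of this script, not something kadmin enforces.

```shell
#!/bin/sh
# Constructed sample of what `kadmin.local -q "getprinc <name>"` prints
# for four principals (only the lines this audit looks at are kept).
# Realm and names are made up for the example.
SAMPLE_GETPRINC='Principal: alice@EXAMPLE.COM
Expiration date: [never]
Attributes: REQUIRES_PRE_AUTH DISALLOW_SVR
Principal: bob@EXAMPLE.COM
Expiration date: [never]
Attributes:
Principal: host/www.example.com@EXAMPLE.COM
Expiration date: [never]
Attributes: REQUIRES_PRE_AUTH
Principal: carol@EXAMPLE.COM
Expiration date: [never]
Attributes: DISALLOW_SVR
'

# Print every principal whose Attributes line lacks REQUIRES_PRE_AUTH.
# Without pre-authentication the KDC hands out an AS-REP encrypted with
# the password-derived key to anyone who asks, which is what makes the
# offline dictionary attack possible.
find_missing_preauth() {
  printf '%s' "$1" | awk '
    /^Principal: /  { princ = $2 }
    /^Attributes:/  { if ($0 !~ /REQUIRES_PRE_AUTH/) print princ }
  '
}

# Print user principals (assumption: no "/" in the name) that still
# allow service tickets to be issued for them (no DISALLOW_SVR).
# Service/host principals are skipped because they must allow_svr.
find_users_allowing_svr() {
  printf '%s' "$1" | awk '
    /^Principal: /  { princ = $2; is_user = (index(princ, "/") == 0) }
    /^Attributes:/  { if (is_user && $0 !~ /DISALLOW_SVR/) print princ }
  '
}

# Emit (but do not run) the kadmin remediation for each flagged principal,
# so an admin can review before applying.
emit_preauth_fix() {
  find_missing_preauth "$1" | while read -r p; do
    printf 'modprinc +requires_preauth %s\n' "$p"
  done
}

# Stand-alone usage against the constructed sample; on a real KDC feed it
# the output of: kadmin.local -q "listprincs" | xargs -n1 -I{} \
#                kadmin.local -q "getprinc {}"
if [ "${1:-}" = "--demo" ]; then
  echo "Principals without REQUIRES_PRE_AUTH:"
  find_missing_preauth "$SAMPLE_GETPRINC"
  echo "User principals without DISALLOW_SVR:"
  find_users_allowing_svr "$SAMPLE_GETPRINC"
  echo "Suggested kadmin commands:"
  emit_preauth_fix "$SAMPLE_GETPRINC"
fi
```

Run it with `--demo` to see the report for the constructed sample; the remediation lines it prints correspond to the `+requires_preauth` flag Grant mentions, and applying them is a `kadmin` step the admin performs deliberately rather than something the script does on its own.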
