RFC 4121 & acceptor subkey use in MIC token generation

Ken Hornstein kenh at cmf.nrl.navy.mil
Fri Oct 27 14:01:05 EDT 2023


>> Right, part of the problem there is that people want to "use Kerberos
>> with ssh", and they don't understand the difference between gssapi-
>> with-mic
>> and gss-keyex.
>
>Aren't you supposed to use CAC or PIV cards?

Well, I hate to use the "Air Bud" loophole, but the rules as I
understand them don't ACTUALLY say that for ssh, and in some contexts
they explictly say that plaintext passwords are fine as long as you're
doing something like using a RADIUS server to verify the password.  Yes,
the RADIUS protocol is terrible and has MD5 baked into the protocol and
no one has ever explained to me why the STIGS say FIPS mode is manditory
but RADIUS is fine.

>You can definitely use openssh clients with PIV cards and avoid
>kerberos altogether.

I have done that!  But that is actually TERRIBLE IMHO from a security
perspective unless you write a whole pile of infrastructure code; maybe
some sites actually do that but the people I've seen with that setup do
not and then get surprised when they get a new CAC and that breaks.  If
you funnel all that through PKINIT then things are much nicer.


More information about the Kerberos mailing list