[OpenAFS] OpenAFS 1.6.9 and AES tickets

Martin Richter martin.richter@nmgr.net
Thu, 31 Jul 2014 17:16:51 +0200



Hi Jeffrey,

Thanks for the clarification.
In my case this will be a new installation so no clients < 1.6.5 will be
seen on the cell ever (1.6.5 is part of SL distribution and may be used
occasionally). I hope this won't be an issue.
Public service isn't planned by now.

Martin


On Thu, 31 Jul 2014 10:39:12 -0400
  Jeffrey Altman <jaltman@your-file-system.com> wrote:
> On 7/31/2014 10:18 AM, Brandon Allbery wrote:
>> On Thu, 2014-07-31 at 16:12 +0200, Martin Richter wrote:
>>> So this means that client caching can't be used anymore after DES has
>>> been removed from the KDC?
>>
>> No; rxkad-kdf derives a DES key from a stronger key. Also clients still
>> default to no encryption in the cache manager (fs setcrypt).
>
> This is only true for UNIX cache managers.   Windows default to "fs
> setcrypt on".
>> Just
>> pointing out that (weaker-than-)DES is still used in some places,
>
> Weaker than DES (the fcrypt encryption algorithm or no encryption at
> all) is used in *all* places.  The use of AES256-SHA1 is only for
> Kerberos authentication and protection of the long term AFS service
> principal key.  AES256 is never used for wire privacy or integrity
> protection within the AFS protocol.
>
> However, I believe Martin is asking a different question.
>
>  When the issuance of service tickets with DES session keys is
>  turned off in the KDC, can existing AFS cache managers that do
>  not support "rxkad-kdf" continue to access the AFS cell?
>
> The answer to this question is "no".  If an older AFS client, say
> OpenAFS 1.4.11 or 1.6.3 attempts to obtain an AFS token it will request
> the use of DES for the session key.  The KDC (if DES is disabled) will
> either fail the request indicating that there is no support for the
> DES-CBC-CRC encryption type or will issue a service ticket with a
> non-DES session key and a failure will be reported by the client-side
> Kerberos library.   In either case, the older AFS client will be unable
> to authenticate to the cell.
>
> Jeffrey Altman
>
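The negotiation Jeffrey describes in the quoted message, as an added example that is not part of this thread and is not OpenAFS or Kerberos code: a KDC that no longer issues DES session keys, a pre-rxkad-kdf client that asks for DES and can only use DES, and an rxkad-kdf client that takes an AES session key and derives its DES token key from it. The enctype names, the KDC's selection rule (first requested enctype it still permits, optionally falling back to its own strongest enctype) and the HMAC-SHA256 derivation are assumptions made for illustration; the HMAC step is only a stand-in for the real rxkad-kdf PRF and is not the derivation OpenAFS implements.

```python
"""Constructed model of the enctype negotiation described in the thread.

Not OpenAFS or Kerberos code.  Assumed for illustration: the enctype
names, a KDC that picks the first requested enctype it still permits, and
an HMAC-SHA256 derivation standing in for the real rxkad-kdf PRF.
"""
import hashlib
import hmac
import os

DES_CBC_CRC = "des-cbc-crc"
AES256_SHA1 = "aes256-cts-hmac-sha1-96"
KEY_LEN = {DES_CBC_CRC: 8, AES256_SHA1: 32}


def kdc_issue_session_key(client_etypes, kdc_permitted, fallback=False,
                          rng=os.urandom):
    """Model of the KDC choosing the service ticket's session enctype.

    Returns (enctype, key), or (None, None) when no requested enctype is
    permitted and fallback is off (the 'fail the request' branch).  With
    fallback on, the KDC instead issues its own strongest permitted enctype,
    the 'non-DES session key' branch that the client library then rejects.
    """
    for etype in client_etypes:
        if etype in kdc_permitted:
            return etype, rng(KEY_LEN[etype])
    if fallback and kdc_permitted:
        etype = kdc_permitted[0]
        return etype, rng(KEY_LEN[etype])
    return None, None


def with_odd_parity(raw8):
    """Force DES key form: low bit of each byte set so the byte has odd parity."""
    out = bytearray()
    for b in raw8:
        b &= 0xFE
        if bin(b).count("1") % 2 == 0:
            b |= 0x01
        out.append(b)
    return bytes(out)


def has_odd_parity(key8):
    """True when key8 is 8 bytes and every byte has odd parity."""
    return len(key8) == 8 and all(bin(b).count("1") % 2 == 1 for b in key8)


def derive_des_key(session_key):
    """Stand-in for rxkad-kdf: an 8-byte DES key from a stronger session key.

    ASSUMPTION: HMAC-SHA256 keyed with the session key over the label
    b"rxkad" is used here; it is not the derivation OpenAFS implements.
    """
    prf = hmac.new(session_key, b"rxkad", hashlib.sha256).digest()
    return with_odd_parity(prf[:8])


def legacy_client_get_token(kdc_permitted, kdc_fallback=False):
    """Pre-rxkad-kdf cache manager (e.g. 1.4.11, 1.6.3): asks for DES, uses only DES."""
    etype, key = kdc_issue_session_key([DES_CBC_CRC], kdc_permitted,
                                       fallback=kdc_fallback)
    if etype is None:
        return "kdc-refused", None          # KDC reports no DES-CBC-CRC support
    if etype != DES_CBC_CRC:
        return "client-rejected", None      # client krb5 library cannot use the key
    return "ok", key


def kdf_client_get_token(kdc_permitted):
    """rxkad-kdf cache manager: prefers AES and derives the DES token key from it."""
    etype, key = kdc_issue_session_key([AES256_SHA1, DES_CBC_CRC],
                                       kdc_permitted)
    if etype is None:
        return "kdc-refused", None
    if etype == DES_CBC_CRC:
        return "ok", key
    return "ok", derive_des_key(key)


if __name__ == "__main__":
    no_des = [AES256_SHA1]
    print("legacy client, DES-free KDC:", legacy_client_get_token(no_des)[0])
    print("legacy client, lenient KDC :", legacy_client_get_token(no_des, True)[0])
    print("rxkad-kdf client, DES-free :", kdf_client_get_token(no_des)[0])
```

Both failure branches from the quoted message show up as distinct outcomes ("kdc-refused" and "client-rejected"), and only the rxkad-kdf client gets a token once DES is gone from the KDC. Note that the derived key is still an 8-byte DES key: as the message says, the stronger session key protects only the Kerberos exchange, and the AFS wire protection remains fcrypt or none regardless of which client obtained the token.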
