Well, I suppose I don't know much about Kerberos, then.  I thought I'd
read up on it quite a bit, but I guess this is one of those things I
really need to see in action before I can figure out what's going on.
Might make a good meeting topic at some point.

Anyway...

On Wed, 2002-05-01 at 17:18, Amy Tanner wrote:
> On Wed, May 01, 2002 at 03:54:02PM -0500, Mike Hicks (hick0088 at tc.umn.edu) wrote:
> > Using a shared secret key limits the places you can implement Kerberos. 
> > You can't have all of your users going around with their laptops.  Or,
> > maybe you can, but everyone has to have the same secret key.  This is
> > similar to the problem with WEP encryption and public networks.  It's
> > essentially useless since everyone knows what the key is.
> 
> No this is not true.  Each user has his own kerberos password.  This is
> used to login to the kerberos server.

Now that I think some more, maybe what I'm thinking of is communication
between the server you're connecting to and the ticket server (the
process of validating a ticket).  This is much less of a problem, as you
probably trust the servers, and wouldn't want a system that is run by a
user to be able to accept logins as though it was one of your servers.

(Though there are certain cases where that would be good.  I had to deal
with this sort of thing when we set up authentication for the wireless
network at the Carlson School..  RADIUS didn't work for some reason, so
I ended up using `cookieauth' instead, which didn't require me to
contact anyone to allow me to authenticate people with University x.500
accounts.)

> > Kerberos, from all I've heard, is still a good system.  Unfortunately,
> > the areas where it can be deployed are limited, and there have to be
> > ways for untrusted systems to talk to each other without having others
> > eavesdrop on them.
> 
> Please give me an example.  Why would you want an untrusted system to
> have access to your secure network?

When I say "untrusted", I mean any system that isn't under the direct
control of administrators (i.e. they don't have the root password, or
someone else also has it).  Laptops that roam around, dialup systems,
etc.  I'd like to be able to check my mail while I'm over at a friend's
house and using his computer, for instance.

-- 
 _  _  _  _ _  ___    _ _  _  ___ _ _  __   I spilled spot remover on
/ \/ \(_)| ' // ._\  / - \(_)/ ./| ' /(__   my dog. Now he's gone.
\_||_/|_||_|_\\___/  \_-_/|_|\__\|_|_\ __)  
[ Mike Hicks | http://umn.edu/~hick0088/ | mailto:hick0088 at tc.umn.edu ]
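[Editor's added example, not part of Mike's or Amy's messages.]  The
two points under discussion above, that each Kerberos user has an
individual key rather than one shared secret, and that the server you
connect to validates a ticket on its own, are easiest to see in a toy
model of the exchange.  The script below is a stand-in written for
this page: the realm, the principal names "mike" and
"imap/mail.example", the passwords, and the cipher (an HMAC-SHA256
keystream with an HMAC tag, standing in for the real AES/RC4
encryption types and ASN.1 messages) are all constructed.  The
structure, however, is that of Kerberos: the KDC holds one long-term
key per principal, the AS exchange gives the client a ticket-granting
ticket plus a session key sealed under the user's own key, the TGS
exchange issues a service ticket sealed under the service's key, and
the service checks that ticket using only its own key and its clock,
with no round trip to the ticket server.  A machine that does not hold
the service's key (the "system run by a user" in the message above)
cannot read or forge the ticket, and a client with the wrong password
cannot recover the session key.

```python
"""Toy Kerberos-style ticket flow (constructed illustration for this page)."""
import hashlib, hmac, json, os, time

def string2key(secret: str, salt: bytes = b"EXAMPLE.REALM") -> bytes:
    # Every principal (user or service) derives its OWN long-term key from
    # its own secret; no key is shared across all users.  (Constructed KDF.)
    return hashlib.pbkdf2_hmac("sha256", secret.encode(), salt, 10_000)

def _stream(key: bytes, nonce: bytes, n: int) -> bytes:
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, nonce + ctr.to_bytes(4, "big"), "sha256").digest()
        ctr += 1
    return out[:n]

def seal(key: bytes, obj: dict) -> bytes:
    # Encrypt-then-MAC toy cipher: only a holder of `key` can read or forge it.
    pt, nonce = json.dumps(obj).encode(), os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(pt, _stream(key, nonce, len(pt))))
    return nonce + ct + hmac.new(key, nonce + ct, "sha256").digest()

def unseal(key: bytes, blob: bytes) -> dict:
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, "sha256").digest()):
        raise ValueError("wrong key or tampered message")
    return json.loads(bytes(a ^ b for a, b in zip(ct, _stream(key, nonce, len(ct)))))

def authenticator(skey_hex: str, client: str) -> bytes:
    # Proves possession of the session key; timestamp limits replay.
    return seal(bytes.fromhex(skey_hex), {"client": client, "ts": time.time()})

class KDC:
    def __init__(self):
        self.keys = {"krbtgt": string2key(os.urandom(16).hex())}  # TGS key
    def add_principal(self, name: str, secret: str):
        self.keys[name] = string2key(secret)
    def _issue(self, client: str, service: str, lifetime: int = 3600):
        # The ticket is sealed under the SERVICE's key; the client can't read it.
        skey = os.urandom(32).hex()
        body = {"client": client, "skey": skey, "exp": time.time() + lifetime}
        return seal(self.keys[service], body), skey
    def as_exchange(self, client: str):
        # AS-REQ/AS-REP: TGT plus the session key sealed under the user's key.
        tgt, skey = self._issue(client, "krbtgt")
        return tgt, seal(self.keys[client], {"skey": skey, "for": "krbtgt"})
    def tgs_exchange(self, tgt: bytes, auth: bytes, service: str):
        # TGS-REQ/TGS-REP: the KDC checks the TGT with its own krbtgt key.
        t = unseal(self.keys["krbtgt"], tgt)
        a = unseal(bytes.fromhex(t["skey"]), auth)
        if a["client"] != t["client"] or time.time() > t["exp"]:
            raise ValueError("invalid TGT or authenticator")
        ticket, skey = self._issue(t["client"], service)
        return ticket, seal(bytes.fromhex(t["skey"]), {"skey": skey, "for": service})

class Client:
    def __init__(self, name: str, password: str):
        self.name, self.key = name, string2key(password)
    def login(self, kdc: KDC):
        self.tgt, rep = kdc.as_exchange(self.name)
        self.tgt_skey = unseal(self.key, rep)["skey"]  # wrong password -> ValueError
    def ticket_for(self, kdc: KDC, service: str):
        auth = authenticator(self.tgt_skey, self.name)
        ticket, rep = kdc.tgs_exchange(self.tgt, auth, service)
        return ticket, unseal(bytes.fromhex(self.tgt_skey), rep)["skey"]

class Service:
    def __init__(self, name: str, secret: str):
        self.name, self.key = name, string2key(secret)  # its keytab, in effect
    def accept(self, ticket: bytes, auth: bytes) -> str:
        # Validation is local: this service's key and clock only, no KDC call.
        t = unseal(self.key, ticket)
        if time.time() > t["exp"]:
            raise ValueError("ticket expired")
        a = unseal(bytes.fromhex(t["skey"]), auth)
        if a["client"] != t["client"] or abs(time.time() - a["ts"]) > 300:
            raise ValueError("authenticator mismatch or clock skew")
        return t["client"]

def run(login_pw="hunter2", presented_secret="svc-secret") -> str:
    """Full flow with constructed principals; returns the authenticated user."""
    kdc = KDC()
    kdc.add_principal("mike", "hunter2")
    kdc.add_principal("imap/mail.example", "svc-secret")
    svc = Service("imap/mail.example", presented_secret)  # rogue box if it differs
    c = Client("mike", login_pw)
    c.login(kdc)
    ticket, skey = c.ticket_for(kdc, svc.name)
    return svc.accept(ticket, authenticator(skey, "mike"))

def rejects(**kw) -> bool:
    try:
        run(**kw)
        return False
    except ValueError:
        return True

if __name__ == "__main__":
    print(run(), rejects(login_pw="wrong"), rejects(presented_secret="not-the-key"))
```

Running it shows the accepted user name, then True for a client with
the wrong password and True for a machine that presents a ticket to a
service key it does not hold.  Note that the service never talks to
the KDC in `accept`; what it does need is a clock roughly in sync with
the client's, which is why real deployments pair Kerberos with NTP.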