From: Alexander W Dehnert Date: Sat, 9 Mar 2013 02:30:15 +0000 (-0500) Subject: add section about changing enctypes X-Git-Url: https://sipb.mit.edu/gitweb.cgi/wiki.git/commitdiff_plain/9a4d056afb93c9922b41f1460d256dc400ce653c?ds=inline add section about changing enctypes --- diff --git a/doc/kerberized-server.mdwn b/doc/kerberized-server.mdwn index df5274e..bb36f93 100644 --- a/doc/kerberized-server.mdwn +++ b/doc/kerberized-server.mdwn @@ -35,3 +35,24 @@ matches; that is to say, an Athena user whose username matches a local username can log in to that local account. (One option to avoid this is to create a `.k5login` file in `/etc/skel` so that new accounts you later add get this file by default.) + +## Upgrading cryptographic strength + +You may wish to change the encryption algorithms (*enctypes*) included in your keytab. With server principals (like `daemon/servername.mit.edu` or `host/servername.mit.edu`) it is particularly important to support *only* strong algorithms. If you support a weak algorithm, an attacker can request a service ticket encrypted with that key, allowing them to do an offline attack and potentially extract your secret key. + +To change the supported enctypes, run `kadmin`: + + kadmin -p daemon/kronborg.mit.edu -k -t daemon.kronborg.keytab + +Then, create new keys: + + ktadd -k daemon.kronborg.keytab -e aes256-cts:normal -e aes128-cts:normal daemon/kronborg.mit.edu + +After all tickets currently issued against your service expire (which will happen after at most one day), you should remove the old keys from your keytab: + + ktremove -k daemon.kronborg.keytab daemon/kronborg.mit.edu old + +Before exiting, you may wish to verify in a separate terminal that the correct updated key has been written to the keytab: + + kinit -k -t daemon.kronborg.keytab daemon/kronborg.mit.edu + kvno daemon/kronborg.mit.edu@ATHENA.MIT.EDU
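Review bot: the verification step at the end of the hunk (`kinit -k -t daemon.kronborg.keytab daemon/kronborg.mit.edu` followed by plain `kvno daemon/kronborg.mit.edu@ATHENA.MIT.EDU`) does not show what the sentence before it promises: `kinit -k` only proves the keytab holds a key the KDC accepts for the AS exchange, and `kvno` without a keytab only prints the kvno of the ticket the KDC issued, not whether the service can decrypt it. Use `kvno -k daemon.kronborg.keytab daemon/kronborg.mit.edu@ATHENA.MIT.EDU`, which decrypts the acquired ticket against the keytab, and place this check directly after the `ktadd` step rather than after `ktremove ... old`, so a failed ktadd is caught while the old keys are still present. Two smaller points: kadmin documents `-e` as taking one comma-separated keysalt list (`-e aes256-cts:normal,aes128-cts:normal`), so the repeated `-e` in the `ktadd` line should be rewritten in that form; and "which will happen after at most one day" is a consequence of the realm's and principal's maximum ticket lifetime, not of Kerberos itself, so either state where the one-day figure comes from or tell the reader to check the max ticket life before running `ktremove -k daemon.kronborg.keytab daemon/kronborg.mit.edu old`. Suggesting `klist -ekt daemon.kronborg.keytab` after the removal would also let the reader confirm that only the AES keys remain, which is the whole point of the section.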