
Re: Incomplete documentation



On Fri, 19 Sep 2003, Andreas Haupt wrote:

> On Thu, 18 Sep 2003, Martin MOKREJŠ wrote:
>
> > On Thu, 18 Sep 2003, Love wrote:
> > > Martin MOKREJŠ <mmokrejs@natur.cuni.cz> writes:
> > > > Another question, how is the database on slaves encrypted? Does it use
> > > > the master key from master KDC? I guess not. So where is the master key
> > > > used on slaves? Is that the hprop/host key?
> > >
> > > It's encrypted with the master key in /var/heimdal/m-key, the
> > > hprop/`hostname` keys are just for authentication and transport encryption
> > > when dumping the database.
> >
> > That was my impression, but I did not generate any /var/heimdal/m-key on
> > machines acting as slaves ... I did not have to do this step to start
> > hpropd ... so is the database unencrypted? The web documentation(URL below)
> > doesn't say anything about generating another master key (this time on slaves).
>
> The database is also encrypted on the slaves, just as Love already told
> you. If you don't put /var/heimdal/m-key onto the slave as well, the kdc
> on the slave will not be able to read the database - this means you cannot
> authenticate against a slave server.

So you say the data stored on slaves is encrypted with the m-key key
present on master? That means hpropd on slave receives the data encrypted
and just stores them on the disk.

Will kdc on slaves complain that there's no m-key and therefore it cannot
decrypt the database hpropd created?

I still don't understand how kdc on slaves knows it's not master kdc, and
therefore should accept any password changes.

Is it so that kadmind accepts the user's password changes? I thought it's
only for convenience of admins to give them a chance to use kadmin(1). ;)

Or is it so that the `kdc = host.domain' defines on the users' machine where the
passwords are sent to? As there can be multiple `kdc = ' lines I deduce
that slaves do accept password changes from users and cross-talk together.
But I don't believe this as I don't run hpropd on my master. ;)

So, how is it?

I'll copy my master key from master machine to all slaves, thanks for
explanation.

> BTW: What's the reason why the database files on the slaves are around
> 20-30% bigger than the original one on the master?

Martin