diff options
Diffstat (limited to 'eBones/README.PATCH')
-rw-r--r-- | eBones/README.PATCH | 60 |
1 files changed, 60 insertions, 0 deletions
diff --git a/eBones/README.PATCH b/eBones/README.PATCH new file mode 100644 index 0000000..33cb15f --- /dev/null +++ b/eBones/README.PATCH @@ -0,0 +1,60 @@ +READ THIS ENTIRE FILE BEFORE PROCEEDING! + +This distribution contains a "diff" file suitable for using with the +"patch" program to update your Kerberos (version 4) source tree. The +gist of the patch is to replace calls to des_random_key() with calls +to des_new_random_key(). + +The primary difference is that des_random_key() uses a seeding +technique which is predictable and therefore +vulnerable. des_new_random_key() uses a feedback mechanism based on +the Data Encryption Standard (DES) and is seeded with a secret (and +therefore unknown to an attacker) value. This value is the database +master key, which is a convenient secret value. + +This patch assumes that you have the new_rnd_key.c key module (which +contains the definition and code for des_new_random_key()). It has +been part of the standard Version 4 distribution since 1992 and is +used in the admin server (our primary error at MIT was not upgrading +all of Kerberos to use this newer generator. This patch finishes the +job). + +In addition to the patch file for the Kerberos distribution this +distribution also contains a program for changing critical system keys +(namely the "krbtgt" and "changepw.kerberos" keys). When you +originally built your Kerberos database these keys were chosen at +random, using the vulnerable version of the kerberos random number +generator. Therefore it is possible for an attacker to mount an attack +to guess these values. If an attacker can determine the key for the +"krbtgt" ticket, they can construct tickets claiming to be any +kerberos principal. Similarly if an attacker can obtain the +"changepw.kerberos" key, they can change anyone's password. + +The enclosed "fix_kdb_keys.c" (part of the patch file) program, which +you run on the KDC server, will change these critical keys to new +values using the newer random number generator. IMPORTANT: When you +run fix_kdb_keys, all outstanding ticket granting tickets will +immediately become invalid. This will be disruptive to your user +community. We recommend that you either do this late at night or early +in the morning before most users have logged in. Alternatively +pre-announce a definitive time when you will run the program and +inform your users that they will have to get new tickets at that time +(using either "kinit" or simply by logging out and then in again). + +NOTE: The only client program modified is "ksrvutil" which is used to +generate new server keys. All other client/server programs are +unaffected. End users do *not* need to obtain new versions of programs +that use Kerberos. This is because most random number generation in +the Kerberos system is done on the KDC system. By fixing kerberos.c +you have repaired most of the damage. + +To install this patch copy patch_krb to the toplevel of your Kerberos +source tree. Then type: + +patch -p0 <patch_krb + +This will install changes to various kerberos modules to upgrade them +to use des_new_random_key(). It also will install a new program, +"fix_kdb_keys.c." After the patch is complete type "make world" at the +toplevel of your Kerberos source tree. This will, among other things, +build the fix_kdb_keys program. |