Next: Multiple servers, Previous: Configuring DNS for KDC, Up: Administration Manual
If Shishi is built with support for GNUTLS, the messages exchanged between clients and Shishid can be protected with TLS. TLS is only available over TCP connections. A full discussion of the features TLS have is out of scope here, but in short it means the communication is integrity and privacy protected, and that users can use OpenPGP, X.509 or SRP (i.e., any mechanism supported by TLS) to authenticate themselves to the Kerberos server. For details on the implementation, See STARTTLS protected KDC exchanges.
Resuming earlier TLS session is supported and enabled by default. This improves the speed of the TLS handshake, because results from earlier negotiations can be re-used. Currently the TLS resume database is stored in memory (in constract to storing it on disk), in both the client and in the server. Because the server typically runs for a long time, this is not a problem for that side. The client is typically not a long-running process though; the client usually is invoked as part of applications like `telnet' or `login'. However, because each use of the client library typically result in a ticket, which is stored on disk and re-used by later processes, this is likely not a serious problem because the number of different tickets required by a user is usually quite small. For the client, TLS resume is typically only useful when you perform an initial authentication (using a password) followed by a ticket request for a service, in the same process.
You can configure the server, `shishid' to never use TLS resume, or to increase or decrease the number of distinct TLS connections that can be resumed before they are garbage collected, see the `--resume-limit' parameter (see Parameters for shishid).
Anonymous TLS is the simplest to set up and use. In fact, only the client need to be informed that your KDC support TLS. This can be done in the configuration file with the `/tls' parameter for `kdc-realm' (see Shishi Configuration), or by placing the KDC address in DNS using the `_tls' SRV record (see Configuring DNS for KDC).
Let's start Shishid, listening on a TCP socket. TLS require TCP. TCP sockets are automatically upgraded to TLS if the client request it.
jas@latte:~$ /usr/local/sbin/shishid -l IPv4:*:4711/tcp Initializing GNUTLS...done Listening on IPv4:*:4711/tcp... Listening on 1 ports... shishid: Starting (GNUTLS `1.0.4') shishid: Listening on IPv4:*:4711/tcp socket 4
Let's use the client to talk with it, using TLS.
jas@latte:~$ shishi -o 'realm-kdc=EXAMPLE.ORG,localhost:4711/tls \ simon@EXAMPLE.ORG Enter password for `simon@EXAMPLE.ORG': simon@EXAMPLE.ORG: Authtime: Tue Dec 16 05:20:47 2003 Endtime: Tue Dec 16 05:37:27 2003 Server: krbtgt/EXAMPLE.ORG key aes256-cts-hmac-sha1-96 (18) Ticket key: aes256-cts-hmac-sha1-96 (18) protected by aes256-cts-hmac-sha1-96 (18) Ticket flags: FORWARDED PROXIABLE (12) jas@latte:~$
On success, the server will print the following debug information.
shishid: Accepted socket 6 from socket 4 as IPv4:*:4711/tcp peer 127.0.0.1 shishid: Listening on IPv4:*:4711/tcp socket 4 shishid: Listening on IPv4:*:4711/tcp peer 127.0.0.1 socket 6 shishid: Has 4 bytes from IPv4:*:4711/tcp peer 127.0.0.1 on socket 6 shishid: Trying STARTTLS shishid: TLS handshake negotiated protocol `TLS 1.0', key exchange `Anon DH', certficate type `X.509', cipher `AES 256 CBC', mac `SHA', compression `NULL', session not resumed shishid: TLS anonymous authentication with 1024 bit Diffie-Hellman shishid: Listening on IPv4:*:4711/tcp socket 4 shishid: Listening on IPv4:*:4711/tcp peer 127.0.0.1 socket 6 shishid: Has 131 bytes from IPv4:*:4711/tcp peer 127.0.0.1 on socket 6 shishid: Processing 131 from IPv4:*:4711/tcp peer 127.0.0.1 on socket 6 shishid: Trying AS-REQ shishid: AS-REQ from simon@EXAMPLE.ORG for krbtgt/EXAMPLE.ORG@EXAMPLE.ORG shishid: Matching client etype 18 against user key etype 18 shishid: Have 511 bytes for IPv4:*:4711/tcp peer 127.0.0.1 on socket 6 shishid: Sending 511 bytes to IPv4:*:4711/tcp peer 127.0.0.1 socket 6 via TLS shishid: Listening on IPv4:*:4711/tcp socket 4 shishid: Listening on IPv4:*:4711/tcp peer 127.0.0.1 socket 6 shishid: Peer IPv4:*:4711/tcp peer 127.0.0.1 disconnected on socket 6 shishid: Closing IPv4:*:4711/tcp peer 127.0.0.1 socket 6 shishid: Listening on IPv4:*:4711/tcp socket 4
Setting up X.509 authentication is slightly more complicated than anonymous authentication. You need a X.509 certificate authority (CA) that can generate certificates for your Kerberos server and Kerberos clients. It is often easiest to setup the CA yourself. Managing a CA can be a daunting task, and we only give the bare essentials to get things up and running. We suggest that you study the relevant literature. As a first step beyond this introduction, you may wish to explore more secure forms of key storage than storing them unencrypted on disk.
The following three sections describe how you create the CA, KDC certificate, and client certificates. You can use any tool you like for this task, as long as they generate X.509 (PKIX) certificates in PEM format and RSA keys in PKCS#1 format. Here we use certtool that come with GNUTLS, which is widely available. We conclude by discussing how you use these certificates in the KDC and in the Shishi client.
First create a CA key.
jas@latte:~$ certtool --generate-privkey \ --outfile /usr/local/etc/shishi/shishi.key Generating a private key... Generating a 1024 bit RSA private key... jas@latte:~$
Then create the CA certificate. Use whatever details you prefer.
jas@latte:~$ certtool --generate-self-signed \ --load-privkey /usr/local/etc/shishi/shishi.key \ --outfile /usr/local/etc/shishi/shishi.cert Generating a self signed certificate... Please enter the details of the certificate's distinguished name. \ Just press enter to ignore a field. Country name (2 chars): SE Organization name: Shishi Example CA Organizational unit name: Locality name: State or province name: Common name: CA This field should not be used in new certificates. E-mail: Enter the certificate's serial number (decimal): 0 Activation/Expiration time. The generated certificate will expire in (days): 180 Extensions. Does the certificate belong to an authority? (Y/N): y Is this a web server certificate? (Y/N): n Enter the e-mail of the subject of the certificate: X.509 certificate info: Version: 3 Serial Number (hex): 00 Validity: Not Before: Sun Dec 21 10:59:00 2003 Not After: Fri Jun 18 11:59:00 2004 Subject: C=SE,O=Shishi Example CA,CN=CA Subject Public Key Info: Public Key Algorithm: RSA X.509 Extensions: Basic Constraints: (critical) CA:TRUE Is the above information ok? (Y/N): y Signing certificate... jas@latte:~$
First create the key for the KDC.
jas@latte:~$ certtool --generate-privkey \ --outfile /usr/local/etc/shishi/shishid.key Generating a private key... Generating a 1024 bit RSA private key... jas@latte:~$
Then create actual KDC certificate, signed by the CA certificate created in the previous step.
jas@latte:~$ certtool --generate-certificate \ --load-ca-certificate /usr/local/etc/shishi/shishi.cert \ --load-ca-privkey /usr/local/etc/shishi/shishi.key \ --load-privkey /usr/local/etc/shishi/shishid.key \ --outfile /usr/local/etc/shishi/shishid.cert Generating a signed certificate... Loading CA's private key... Loading CA's certificate... Please enter the details of the certificate's distinguished name. \ Just press enter to ignore a field. Country name (2 chars): SE Organization name: Shishi Example KDC Organizational unit name: Locality name: State or province name: Common name: KDC This field should not be used in new certificates. E-mail: Enter the certificate's serial number (decimal): 0 Activation/Expiration time. The generated certificate will expire in (days): 180 Extensions. Does the certificate belong to an authority? (Y/N): n Is this a web server certificate? (Y/N): n Enter the e-mail of the subject of the certificate: X.509 certificate info: Version: 3 Serial Number (hex): 00 Validity: Not Before: Sun Dec 21 11:02:00 2003 Not After: Fri Jun 18 12:02:00 2004 Subject: C=SE,O=Shishi Example KDC,CN=KDC Subject Public Key Info: Public Key Algorithm: RSA X.509 Extensions: Basic Constraints: (critical) CA:FALSE Is the above information ok? (Y/N): y Signing certificate... jas@latte:~$
First create the key for the client.
jas@latte:~$ certtool --generate-privkey \ --outfile ~/.shishi/client.key Generating a private key... Generating a 1024 bit RSA private key... jas@latte:~$
Then create the client certificate, signed by the CA. An alternative would be to have the KDC sign the client certificates.
jas@latte:~$ certtool --generate-certificate \ --load-ca-certificate /usr/local/etc/shishi/shishi.cert \ --load-ca-privkey /usr/local/etc/shishi/shishi.key \ --load-privkey ~/.shishi/client.key \ --outfile ~/.shishi/client.certs Generating a signed certificate... Loading CA's private key... Loading CA's certificate... Please enter the details of the certificate's distinguished name. \ Just press enter to ignore a field. Country name (2 chars): SE Organization name: Shishi Example Client Organizational unit name: Locality name: State or province name: Common name: Client This field should not be used in new certificates. E-mail: Enter the certificate's serial number (decimal): 0 Activation/Expiration time. The generated certificate will expire in (days): 180 Extensions. Does the certificate belong to an authority? (Y/N): n Is this a web server certificate? (Y/N): n Enter the e-mail of the subject of the certificate: X.509 certificate info: Version: 3 Serial Number (hex): 00 Validity: Not Before: Sun Dec 21 11:04:00 2003 Not After: Fri Jun 18 12:04:00 2004 Subject: C=SE,O=Shishi Example Client,CN=Client Subject Public Key Info: Public Key Algorithm: RSA X.509 Extensions: Basic Constraints: (critical) CA:FALSE Is the above information ok? (Y/N): y Signing certificate... jas@latte:~$
The KDC need the CA certificate (to verify client certificates) and the server certificate and key (to authenticate itself to the clients). See elsewhere (see Parameters for shishid) for the entire description of the parameters.
jas@latte:~$ shishid -l *:4711/tcp \ --x509cafile /usr/local/etc/shishi/shishi.cert \ --x509certfile /usr/local/etc/shishi/shishid.cert \ --x509keyfile /usr/local/etc/shishi/shishid.key Initializing GNUTLS... Parsed 1 CAs... Loaded server certificate/key... Generating Diffie-Hellman parameters... Initializing GNUTLS...done Listening on *:4711/tcp... Listening on 1 ports... shishid: Starting (GNUTLS `1.0.4') shishid: Listening on *:4711/tcp socket 4
Then acquire tickets as usual. In case you wonder how shishi finds the client certificate and key, the filenames used above when generating the client certificates happen to be the default filenames for these files. So it pick them up automatically.
jas@latte:~$ shishi -o 'realm-kdc=EXAMPLE.ORG,localhost:4711/tls' \ simon@EXAMPLE.ORG Enter password for `simon@EXAMPLE.ORG': simon@EXAMPLE.ORG: Authtime: Sun Dec 21 11:15:47 2003 Endtime: Sun Dec 21 11:32:27 2003 Server: krbtgt/EXAMPLE.ORG key aes256-cts-hmac-sha1-96 (18) Ticket key: aes256-cts-hmac-sha1-96 (18) protected by aes256-cts-hmac-sha1-96 (18) Ticket flags: FORWARDED PROXIABLE RENEWABLE HWAUTHENT TRANSITEDPOLICYCHECKED OKASDELEGATE (12) jas@latte:~$
Here is what the server would print.
shishid: Accepted socket 6 from socket 4 as *:4711/tcp peer 127.0.0.1 shishid: Listening on *:4711/tcp socket 4 shishid: Listening on *:4711/tcp peer 127.0.0.1 socket 6 shishid: Has 4 bytes from *:4711/tcp peer 127.0.0.1 on socket 6 shishid: Trying STARTTLS shishid: TLS handshake negotiated protocol `TLS 1.0', key exchange `RSA', certficate type `X.509', cipher `AES 256 CBC', mac `SHA', compression `NULL', session not resumed shishid: TLS client certificate `C=SE,O=Shishi Example Client,CN=Client', issued by `C=SE,O=Shishi Example CA,CN=CA', serial number `00', MD5 fingerprint `a5:d3:1f:58:76:e3:58:cd:2d:eb:f7:45:a2:4b:52:f9:', activated `Sun Dec 21 11:04:00 2003', expires `Fri Jun 18 12:04:00 2004', version #3, key RSA modulus 1024 bits, currently EXPIRED shishid: Listening on *:4711/tcp socket 4 shishid: Listening on *:4711/tcp peer 127.0.0.1 socket 6 shishid: Has 131 bytes from *:4711/tcp peer 127.0.0.1 on socket 6 shishid: Processing 131 from *:4711/tcp peer 127.0.0.1 on socket 6 shishid: Trying AS-REQ shishid: AS-REQ from simon@EXAMPLE.ORG for krbtgt/EXAMPLE.ORG@EXAMPLE.ORG shishid: Matching client etype 18 against user key etype 18 shishid: Have 511 bytes for *:4711/tcp peer 127.0.0.1 on socket 6 shishid: Sending 511 bytes to *:4711/tcp peer 127.0.0.1 socket 6 via TLS shishid: Listening on *:4711/tcp socket 4 shishid: Listening on *:4711/tcp peer 127.0.0.1 socket 6 shishid: Peer *:4711/tcp peer 127.0.0.1 disconnected on socket 6 shishid: Closing *:4711/tcp peer 127.0.0.1 socket 6 shishid: Listening on *:4711/tcp socket 4