RE: ITP: pam-krb5

To: "Sean 'Shaleh' Perry" <shaleh@valinux.com>
Cc: debian-devel@lists.debian.org
Subject: RE: ITP: pam-krb5
From: Steve Langasek <vorlon@netexpress.net>
Date: Thu, 16 Nov 2000 17:03:39 -0600 (CST)
Message-id: <[🔎] Pine.LNX.4.10.10011161655400.17062-100000@tennyson.netexpress.net>
In-reply-to: <[🔎] XFMail.20001116145241.shaleh@valinux.com>

On Thu, 16 Nov 2000, Sean 'Shaleh' Perry wrote:

>> WARNING: for security reasons, you should not use this module for purposes
>> other than local login (xdm, login, etc.). Don't use it over a network
>> unless you _really_ know what you are doing.

> security reasons? why?

pam-krb5 fits nicely into the Kerberos security module so long as it's only
used for authenticating local logins; this is because pam-krb5 authenticates
by retrieving and correctly decrypting a Kerberos TGT (ticket-granting
ticket), which according to the Kerberos model should only ever be done on the
user's local machine.

If you use pam-krb5 for authenticating (e.g.) telnet or ftp, you'll
effectively negate the security advantages of using Kerberos, because you'll
be passing a cleartext password across the network before authenticating
against Kerberos.  For some people, plaintext passwords on a network are not
really an issue; but if you're using Kerberos as a backend it definitely /is/
an issue, because people may trust the security of the system "just because"
you're using Kerberos.

Steve Langasek
postmodern programmer

Reply to:

Follow-Ups:
- RE: ITP: pam-krb5
  - From: "Sean 'Shaleh' Perry" <shaleh@valinux.com>

References:
- RE: ITP: pam-krb5
  - From: "Sean 'Shaleh' Perry" <shaleh@valinux.com>

Prev by Date: RE: ITP: pam-krb5
Next by Date: Re: ITP: pam-krb5
Previous by thread: RE: ITP: pam-krb5
Next by thread: RE: ITP: pam-krb5
Index(es):
- Date
- Thread