path: root/eBones/README.PATCH
Diffstat (limited to 'eBones/README.PATCH')
-rw-r--r--  eBones/README.PATCH  52
1 files changed, 0 insertions, 52 deletions
diff --git a/eBones/README.PATCH b/eBones/README.PATCH
deleted file mode 100644
index 6fb39f602b4c0..0000000000000
--- a/eBones/README.PATCH
+++ /dev/null
@@ -1,52 +0,0 @@
-IMPORTANT!
-
-This distribution includes a patch (already applied), that updates
-Kerberos' key generation. The gist of the patch is to replace calls
-to des_random_key() with calls to des_new_random_key().
-
-The primary difference is that des_random_key() uses a seeding
-technique which is predictable and therefore vulnerable.
-des_new_random_key() uses a feedback mechanism based on the Data
-Encryption Standard (DES) and is seeded with a secret (and therefore
-unknown to an attacker) value. This value is the database master
-key, which is a convenient secret value.
-
-This patch uses the new_rnd_key.c key module (which contains the
-definition and code for des_new_random_key()). It has been part of
-the standard Version 4 distribution since 1992 (and was recreated
-for FreeBSD in 1995). This is used in the MIT admin server (the
-primary error at MIT was not upgrading all of Kerberos to use this
-newer generator. This patch finishes the job).
-
-In addition to the patch for the Kerberos distribution this
-distribution also contains a program for changing critical system keys
-(namely the "krbtgt" and "changepw.kerberos" keys). When you
-originally built your Kerberos database these keys were chosen at
-random, using the vulnerable version of the kerberos random number
-generator. Therefore it is possible for an attacker to mount an attack
-to guess these values. If an attacker can determine the key for the
-"krbtgt" ticket, they can construct tickets claiming to be any
-kerberos principal. Similarly if an attacker can obtain the
-"changepw.kerberos" key, they can change anyone's password.
-
-The new "fix_kdb_keys(8)" program, which you run on the KDC
-server, will change these critical keys to new values using the
-newer random number generator. IMPORTANT: When you run fix_kdb_keys,
-all outstanding ticket granting tickets will immediately become
-invalid. This will be disruptive to your user community. We recommend
-that you either do this late at night or early in the morning before
-most users have logged in. Alternatively pre-announce a definitive
-time when you will run the program and inform your users that they
-will have to get new tickets at that time (using either "kinit" or
-simply by logging out and then in again).
-
-NOTE: The only client program modified is "ksrvutil" which is used
-to generate new server keys. All other client/server programs are
-unaffected. End users do *not* need to obtain new versions of
-programs that use Kerberos. This is because most random number
-generation in the Kerberos system is done on the KDC system.
-
-After getting these sources, type "make world" at the toplevel of
-your source tree. This will, among other things, build the fix_kdb_keys
-program. This is not necessary if you have already got prebuilt
-binaries with this distribution.
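Review bot: Deleting README.PATCH outright drops the only operational guidance in this tree for the fix_kdb_keys(8) procedure, and the commit gives no indication of where that guidance now lives; before removing the file, confirm that the fix_kdb_keys(8) manual page (or another README in eBones/) still states the two points an administrator must know: that the "krbtgt" and "changepw.kerberos" keys created by an older database build were generated with the predictable des_random_key() seeding and should be re-keyed, and that running fix_kdb_keys immediately invalidates all outstanding ticket-granting tickets, so it should be scheduled at a quiet time or pre-announced. The history of the des_random_key() to des_new_random_key() change (new_rnd_key.c, "make world" builds fix_kdb_keys) is fine to retire once the patch is the baseline, but the key-rotation and TGT-invalidation notes are security-relevant documentation and should survive the deletion somewhere discoverable.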