author: Greg Hudson <ghudson@mit.edu> 2010-02-11 16:07:08 +0000
committer: Greg Hudson <ghudson@mit.edu> 2010-02-11 16:07:08 +0000
commit: fe68c6595b7f90ec6891b4dbb0b227ee859090e5
tree: 4f895b242e5493408169ba48e897cc1c2859a380 /doc
parent: 079eed2cf749702f75ddc385cf943fbab931f9d8
Minimal support for updating history key
Add minimal support for re-randomizing the history key:

* cpw -randkey kadmin/history now works, but creates only one key.
* cpw -randkey -keepold kadmin/history still fails.
* libkadm5 no longer caches the history key. Performance impact is minimal since password changes are not common.
* randkey no longer checks the newly randomized key against old keys, and the disabled code to do so in setkey/setv4key is gone, so now only kadm5_chpass_principal_3 accesses the password history.

ticket: 6660
target_version: 1.8
tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23716 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'doc')

 -rw-r--r--  doc/admin.texinfo | 28
 1 files changed, 27 insertions, 1 deletions
diff --git a/doc/admin.texinfo b/doc/admin.texinfo
index a10a2ee..b7c87ac 100644
--- a/doc/admin.texinfo
+++ b/doc/admin.texinfo
@@ -2534,6 +2534,7 @@ passwords kept in the database.
* Retrieving the List of Policies::
* Adding or Modifying Policies::
* Deleting Policies::
+* Updating the History Key::
@end menu
@node Retrieving Policies, Retrieving the List of Policies, Policies, Policies
@@ -2653,7 +2654,7 @@ Sets the number of past keys kept for a principal to @i{number}. This option is
@noindent
Note: The policies are created under realm container in the LDAP database.
-@node Deleting Policies, , Adding or Modifying Policies, Policies
+@node Deleting Policies, Updating the History Key, Adding or Modifying Policies, Policies
@subsection Deleting Policies
To delete a policy, use the @code{kadmin} @code{delete_policy} command,
@@ -2680,6 +2681,31 @@ Note that you must cancel the policy from all principals before deleting
it. The @code{delete_policy} command will fail if it is in use by any
principals.
+@node Updating the History Key, , Deleting Policies, Policies
+
+If a policy specifies a number of old keys kept of two or more, the
+stored old keys are encrypted in a history key, which is found in the
+key data of the kadmin/history principal.
+
+Currently there is no support for proper rollover of the history key,
+but you can change the history key (for example, to use a better
+encryption type) at the cost of invalidating currently stored old keys.
+To change the history key, run:
+
+@smallexample
+@group
+@b{kadmin:} change_password -randkey kadmin/history
+@end group
+@end smallexample
+
+This command will fail if you specify the @b{-keepold} flag. Only one
+new history key will be created, even if you specify multiple key/salt
+combinations.
+
+In the future, we plan to migrate towards encrypting old keys in the
+master key instead of the history key, and implementing proper rollover
+support for stored old keys.
+
@node Global Operations on the Kerberos Database, Global Operations on the Kerberos LDAP Database, Policies, Administrating the Kerberos Database
@section Global Operations on the Kerberos Database
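Review bot: The new "@node Updating the History Key, , Deleting Policies, Policies" line is not followed by a section heading, unlike every other node in this file (for example "@node Deleting Policies, ..." is followed by "@subsection Deleting Policies"), so the menu entry added in the first hunk will point at a node with no visible title; add "@subsection Updating the History Key" directly after the @node line. The paragraph "at the cost of invalidating currently stored old keys" would also be clearer to an administrator if it spelled out the consequence: after the history key is re-randomized, the password-history check cannot compare new passwords against keys stored before the change, so reuse of an older password is not detected until new history accumulates under the new key.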