ULTRIX Guide to Kerberos

Order Number: AA-PBKVA-TE

This document, "ULTRIX Guide to Kerberos" (Order Number: AA-PBKVA-TE, June 1990), serves as a comprehensive guide for implementing and managing Kerberos on the ULTRIX operating system (Version 4.0 or higher).

Primary Purpose: The guide describes how Kerberos enhances security in a distributed network by authenticating applications to each other across machine boundaries. It covers the setup, administration, and network programming connections for the Kerberos daemon and Kerberos-authenticated applications.

Key Concepts and Features:

  • Authentication: The core function, proving the identity of network entities (called "principals" or applications).
  • Security Features: Kerberos provides password security, authentication of principals (and reauthentication), data integrity (using encryption checksums), and protection against the replay of authentication data.
  • Encryption: It relies heavily on the DES encryption library, using "keys" to parameterize the encryption algorithms and protect sensitive data.
  • Tickets and Authenticators: Authentication is achieved through Kerberos "tickets" (data packets with a lifespan, encrypted with the service principal's key) and "authenticators" (non-reusable, time-stamped data encrypted with a session key, proving the client's knowledge of the session key).
  • Mutual Authentication: Kerberos facilitates mutual authentication, ensuring both client and server can verify each other's identity.

System Components and Administration:

  • Kerberos Daemon: Runs on a master server and multiple slave servers within a Local Area Network (LAN). The master holds the modifiable database, which is replicated to read-only slaves for backup and load distribution.
  • Database Utilities: The guide details utilities like kdb_init (to create/initialize the database), kdb_edit (to add/modify principals), kdb_util (for database conversion/master key changes), kprop/kpropd (for database propagation), kstash (to hide master passwords), and kdestroy (to destroy tickets).
  • Setup Procedures: It provides step-by-step instructions for setting up the Kerberos master and slave servers, integrating with the BIND/Hesiod service for naming and address resolution, and configuring Kerberos-authenticated daemons (like named).
  • Security Levels: The document describes the transition process to increase network security levels from default BSD to UPGRADE and ENHANCED modes.

Programming Interface:

  • It outlines the Kerberos programming interface, which consists of several libraries (libkrb, libdes, libacl, libknet, libkdb) for authentication, encryption support, access control, and communication.
  • Includes high-level and low-level C code examples for client-server programming to illustrate the use of Kerberos libraries.

Limitations (as of June 1990 for ULTRIX 4.0+):

  • ULTRIX Kerberos primarily supports the authentication of commonly networked applications (e.g., named, auditd) communicating via TCP/IP sockets.
  • It does not support user login authentication for the base system.
  • Inter-realm authentication is not supported.
  • Network time synchronization (using NTP or timed daemons) is critical for Kerberos operation.

The guide is primarily aimed at network administrators responsible for setting up and managing a Kerberos-authenticated distributed environment, with an introductory chapter for general users.

AA-PBKVA-TE
June 1989
127 pages
