linux-nfs.vger.kernel.org archive mirror
* NFS4 des and weak crypto
@ 2012-02-16  9:48 steve
  2012-02-16 14:24 ` Andy Adamson
       [not found] ` <CAGue13obwkrr4eWAdF0nyQZBhZrh4eSKeAgABV-cGd9cu-0zYA@mail.gmail.com>
  0 siblings, 2 replies; 5+ messages in thread
From: steve @ 2012-02-16  9:48 UTC (permalink / raw)
  To: linux-nfs

Hi
openSUSE 12.1

I'm trying to explain to our windows admin that modern nfs isn't 
restricted to DES.

Here is a Samba4 authenticated test setup.

I've removed the DES keys from the keytab on the nfs server:

klist -ke /etc/krb5.keytab
Keytab name: WRFILE:/etc/krb5.keytab
KVNO Principal
---- ---------
    1 nfs/hh3.hh3.site@HH3.SITE (arcfour-hmac)
    1 HH3$@hh3.site (arcfour-hmac)

In /etc/krb5.conf, I comment out:
[libdefaults]
#allow_weak_crypto = true
It was never actually there. I've added it to help my argument ;)
hh3 is the server, hh6 is the client.

On hh6, root issues:
mount -t nfs4 hh3:/foo /bar -o sec=krb5
rpc.gssd -fvvv throws a fit, the KDC responds with,

Kerberos: ENC-TS Pre-authentication succeeded -- HH6$@HH3.SITE using 
arcfour-hmac-md5
Kerberos: AS-REQ authtime: 2012-02-06T19:44:47 starttime: unset endtime: 
2012-02-07T05:44:47 renew till: 2012-02-07T19:44:47
Kerberos: Client supported enctypes: aes256-cts-hmac-sha1-96, 
aes128-cts-hmac-sha1-96, des3-cbc-sha1, arcfour-hmac-md5, des-cbc-crc, 
des-cbc-md5, des-cbc-md4, using arcfour-hmac-md5/arcfour-hmac-md5
Kerberos: Requested flags: renewable-ok
Kerberos: TGS-REQ HH6$@HH3.SITE from ipv4:192.168.1.10:45421 for 
nfs/hh3.hh3.site@HH3.SITE [canonicalize, renewable]
Kerberos: TGS-REQ authtime: 2012-02-06T19:44:47 starttime: 
2012-02-06T19:44:47 endtime: 2012-02-07T05:44:47 renew till: 20

we can logon and request files via the mount.

Questions
Does this procedure prove that nfs can use other than DES crypto?
Is arcfour what an AD admin would consider strong encryption?

Thanks,
Steve


^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: NFS4 des and weak crypto
  2012-02-16  9:48 NFS4 des and weak crypto steve
@ 2012-02-16 14:24 ` Andy Adamson
  2012-02-16 16:49   ` Kevin Coffman
       [not found] ` <CAGue13obwkrr4eWAdF0nyQZBhZrh4eSKeAgABV-cGd9cu-0zYA@mail.gmail.com>
  1 sibling, 1 reply; 5+ messages in thread
From: Andy Adamson @ 2012-02-16 14:24 UTC (permalink / raw)
  To: steve; +Cc: linux-nfs

On Thu, Feb 16, 2012 at 4:48 AM, steve <steve@steve-ss.com> wrote:
> Hi
> openSUSE 12.1
>
> I'm trying to explain to our windows admin that modern nfs isn't restricted
> to DES.
>
> Here is a Samba4 authenticated test setup.
>
> I've removed the DES keys from the keytab on the nfs server:
>
> klist -ke /etc/krb5.keytab
> Keytab name: WRFILE:/etc/krb5.keytab
> KVNO Principal
> ---- ---------
>   1 nfs/hh3.hh3.site@HH3.SITE (arcfour-hmac)
>   1 HH3$@hh3.site (arcfour-hmac)
>
> In /etc/krb5.conf, I comment out:
> [libdefaults]
> #allow_weak_crypto = true
> It was never actually there. I've added it to help my argument ;)
> hh3 is the server, hh6 is the client.
>
> On hh6, root issues:
> mount -t nfs4 hh3:/foo /bar -o sec=krb5
> rpc.gssd -fvvv throws a fit, the KDC responds with,
>
> Kerberos: ENC-TS Pre-authentication succeeded -- HH6$@HH3.SITE using
> arcfour-hmac-md5
> Kerberos: AS-REQ authtime: 2012-02-06T19:44:47 starttime: unset endtime:
> 2012-02-07T05:44:47 renew till: 2012-02-07T19:44:47
> Kerberos: Client supported enctypes: aes256-cts-hmac-sha1-96,
> aes128-cts-hmac-sha1-96, des3-cbc-sha1, arcfour-hmac-md5, des-cbc-crc,
> des-cbc-md5, des-cbc-md4, using arcfour-hmac-md5/arcfour-hmac-md5
> Kerberos: Requested flags: renewable-ok
> Kerberos: TGS-REQ HH6$@HH3.SITE from ipv4:192.168.1.10:45421 for
> nfs/hh3.hh3.site@HH3.SITE [canonicalize, renewable]
> Kerberos: TGS-REQ authtime: 2012-02-06T19:44:47 starttime:
> 2012-02-06T19:44:47 endtime: 2012-02-07T05:44:47 renew till: 20
>
> we can logon and request files via the mount.
>
> Questions
> Does this procedure prove that nfs can use other than DES crypto?
> Is arcfour what an AD admin would consider strong encryption?

Linux NFS clients and servers can use any of the crypto listed above
in the "client supported enctypes". aes256-cts-hmac-sha1-96 is the
strongest.

-->Andy

>
> Thanks,
> Steve
>


* Re: NFS4 des and weak crypto
  2012-02-16 14:24 ` Andy Adamson
@ 2012-02-16 16:49   ` Kevin Coffman
  0 siblings, 0 replies; 5+ messages in thread
From: Kevin Coffman @ 2012-02-16 16:49 UTC (permalink / raw)
  To: steve; +Cc: linux-nfs

On Thu, Feb 16, 2012 at 9:24 AM, Andy Adamson <androsadamson@gmail.com> wrote:
> On Thu, Feb 16, 2012 at 4:48 AM, steve <steve@steve-ss.com> wrote:
>> Hi
>> openSUSE 12.1
>>
>> I'm trying to explain to our windows admin that modern nfs isn't restricted
>> to DES.
>>
>> Here is a Samba4 authenticated test setup.
>>
>> I've removed the DES keys from the keytab on the nfs server:
>>
>> klist -ke /etc/krb5.keytab
>> Keytab name: WRFILE:/etc/krb5.keytab
>> KVNO Principal
>> ---- ---------
>>   1 nfs/hh3.hh3.site@HH3.SITE (arcfour-hmac)
>>   1 HH3$@hh3.site (arcfour-hmac)
>>
>> In /etc/krb5.conf, I comment out:
>> [libdefaults]
>> #allow_weak_crypto = true
>> It was never actually there. I've added it to help my argument ;)
>> hh3 is the server, hh6 is the client.
>>
>> On hh6, root issues:
>> mount -t nfs4 hh3:/foo /bar -o sec=krb5
>> rpc.gssd -fvvv throws a fit, the KDC responds with,
>>
>> Kerberos: ENC-TS Pre-authentication succeeded -- HH6$@HH3.SITE using
>> arcfour-hmac-md5
>> Kerberos: AS-REQ authtime: 2012-02-06T19:44:47 starttime: unset endtime:
>> 2012-02-07T05:44:47 renew till: 2012-02-07T19:44:47
>> Kerberos: Client supported enctypes: aes256-cts-hmac-sha1-96,
>> aes128-cts-hmac-sha1-96, des3-cbc-sha1, arcfour-hmac-md5, des-cbc-crc,
>> des-cbc-md5, des-cbc-md4, using arcfour-hmac-md5/arcfour-hmac-md5
>> Kerberos: Requested flags: renewable-ok
>> Kerberos: TGS-REQ HH6$@HH3.SITE from ipv4:192.168.1.10:45421 for
>> nfs/hh3.hh3.site@HH3.SITE [canonicalize, renewable]
>> Kerberos: TGS-REQ authtime: 2012-02-06T19:44:47 starttime:
>> 2012-02-06T19:44:47 endtime: 2012-02-07T05:44:47 renew till: 20
>>
>> we can logon and request files via the mount.
>>
>> Questions
>> Does this procedure prove that nfs can use other than DES crypto?
>> Is arcfour what an AD admin would consider strong encryption?

As Andy said, modern Linux NFS supports all those "Client supported enctypes".

Re: strong encryption for AD.  What version of Windows AD?  If it is
Windows 2003, then yes, I think arcfour would be considered strong.
If it is Windows 2008 or later, AES is supported and is stronger.
(Windows has never supported DES3).

K.C.
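
As an added example (not part of this thread, nor of nfs-utils or Samba), a small Python check in the spirit of Steve's procedure: it parses the `klist -ke` listing and the KDC's "Client supported enctypes ... using X/Y" line quoted above, classifies each enctype, and reports where the negotiation ended below AES. The weak/legacy/strong groupings and the severity labels are my own choice; the sample input is copied from the mail.

```python
import re

# Kerberos enctype names as printed by 'klist -ke' and by the Samba/Heimdal KDC log quoted above.
WEAK = {"des-cbc-crc", "des-cbc-md5", "des-cbc-md4"}            # single DES: needs allow_weak_crypto
LEGACY = {"arcfour-hmac", "arcfour-hmac-md5", "des3-cbc-sha1"}  # RC4 / 3DES: accepted, but not AES
STRONG = {"aes128-cts-hmac-sha1-96", "aes256-cts-hmac-sha1-96"}

# Sample input copied from the mail above: the keytab listing and the KDC's line-wrapped log.
KLIST = """Keytab name: WRFILE:/etc/krb5.keytab
KVNO Principal
---- ---------
    1 nfs/hh3.hh3.site@HH3.SITE (arcfour-hmac)
    1 HH3$@hh3.site (arcfour-hmac)
"""
KDC_LOG = """Kerberos: Client supported enctypes: aes256-cts-hmac-sha1-96,
aes128-cts-hmac-sha1-96, des3-cbc-sha1, arcfour-hmac-md5, des-cbc-crc,
des-cbc-md5, des-cbc-md4, using arcfour-hmac-md5/arcfour-hmac-md5
"""

def classify(enctype):
    """Map one enctype name to 'weak', 'legacy', 'strong' or 'unknown'."""
    classes = (("weak", WEAK), ("legacy", LEGACY), ("strong", STRONG))
    return next((label for label, names in classes if enctype in names), "unknown")

def keytab_enctypes(klist_output):
    """Return {principal: [enctypes]} parsed from 'klist -ke' output; header lines are skipped."""
    found = {}
    for m in re.finditer(r"^\s*\d+\s+(\S+)\s+\((\S+)\)\s*$", klist_output, re.M):
        found.setdefault(m.group(1), []).append(m.group(2))
    return found

def negotiated_enctypes(kdc_log):
    """Return (offered, chosen) from the KDC 'Client supported enctypes ... using X/Y' line."""
    text = re.sub(r",\s*\n\s*", ", ", kdc_log)  # re-join the list the log wrapped over several lines
    m = re.search(r"Client supported enctypes: (.*?), using (\S+)/(\S+)", text)
    if not m:
        return [], []
    return [e.strip() for e in m.group(1).split(",")], [m.group(2), m.group(3)]

def audit(klist_output, kdc_log):
    """List every non-AES key and non-AES choice; returns [(severity, message)]."""
    findings = []
    for princ, ets in keytab_enctypes(klist_output).items():
        findings += [(classify(et), f"keytab {princ} has {et} key") for et in ets if classify(et) != "strong"]
        if not any(classify(et) == "strong" for et in ets):
            findings.append(("info", f"{princ}: no AES key, so an AES-capable client cannot be issued an AES ticket"))
    offered, chosen = negotiated_enctypes(kdc_log)
    findings += [(classify(et), f"KDC chose {et}") for et in chosen if classify(et) != "strong"]
    if any(classify(et) == "strong" for et in offered) and chosen and classify(chosen[-1]) != "strong":
        findings.append(("info", "client offered AES; the enctype was capped on the service side, not by the client"))
    return findings
```

Run against the quoted output it reports no single-DES use at all, which answers Steve's first question, and flags every arcfour key and choice as legacy rather than strong, which is the substance of the second.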


* Re: NFS4 des and weak crypto
       [not found] ` <CAGue13obwkrr4eWAdF0nyQZBhZrh4eSKeAgABV-cGd9cu-0zYA@mail.gmail.com>
@ 2012-03-01  7:45   ` steve
  2012-03-01 12:06     ` Tigran Mkrtchyan
  0 siblings, 1 reply; 5+ messages in thread
From: steve @ 2012-03-01  7:45 UTC (permalink / raw)
  To: tigran.mkrtchyan; +Cc: linux-nfs

On 02/16/2012 11:45 AM, Tigran Mkrtchyan wrote:
> Hi Steve,
>
> On Thu, Feb 16, 2012 at 10:48 AM, steve<steve@steve-ss.com>  wrote:
>> Hi
>> openSUSE 12.1
>>
>> On hh6, root issues:
>> mount -t nfs4 hh3:/foo /bar -o sec=krb5
>> rpc.gssd -fvvv throws a fit, the KDC responds with,
>>
>> Kerberos: ENC-TS Pre-authentication succeeded -- HH6$@HH3.SITE using
>> arcfour-hmac-md5
>> Kerberos: TGS-REQ HH6$@HH3.SITE from ipv4:192.168.1.10:45421 for
>> nfs/hh3.hh3.site@HH3.SITE [canonicalize, renewable]
>> Kerberos: TGS-REQ authtime: 2012-02-06T19:44:47 starttime:
>> 2012-02-06T19:44:47 endtime: 2012-02-07T05:44:47 renew till: 20
>>
>> we can logon and request files via the mount.
>>
>> Questions
>> Does this procedure prove that nfs can use other than DES crypto?
> you can check that with wireshark. My screen shot is attached.
>
> Tigran.
>
Hi Tigran

Thanks for the reply. I only seem to get smb packets:
http://2.bp.blogspot.com/-5lxu8-GB44o/T05PfIR-vYI/AAAAAAAAARQ/pfYKQJh1AKM/s1600/w713.png

192.168.1.3 is a nfs, dns and samba server. 192.168.1.12 is a win 7 
client. The nfs client at 192.168.1.8 doesn't figure, even though it's 
getting files and dns fine from the same server. What am I missing?

Sorry to trouble you.
Steve



* Re: NFS4 des and weak crypto
  2012-03-01  7:45   ` steve
@ 2012-03-01 12:06     ` Tigran Mkrtchyan
  0 siblings, 0 replies; 5+ messages in thread
From: Tigran Mkrtchyan @ 2012-03-01 12:06 UTC (permalink / raw)
  To: steve; +Cc: linux-nfs

Hi Steve,

you could try to enable a capture filter like 'port 2049 and host 192.168.1.8'
to see only the NFS traffic.

Tigran.

On Thu, Mar 1, 2012 at 8:45 AM, steve <steve@steve-ss.com> wrote:
> On 02/16/2012 11:45 AM, Tigran Mkrtchyan wrote:
>>
>> Hi Steve,
>>
>> On Thu, Feb 16, 2012 at 10:48 AM, steve<steve@steve-ss.com>  wrote:
>>>
>>> Hi
>>> openSUSE 12.1
>>>
>>> On hh6, root issues:
>>> mount -t nfs4 hh3:/foo /bar -o sec=krb5
>>> rpc.gssd -fvvv throws a fit, the KDC responds with,
>>>
>>> Kerberos: ENC-TS Pre-authentication succeeded -- HH6$@HH3.SITE using
>>> arcfour-hmac-md5
>>> Kerberos: TGS-REQ HH6$@HH3.SITE from ipv4:192.168.1.10:45421 for
>>> nfs/hh3.hh3.site@HH3.SITE [canonicalize, renewable]
>>> Kerberos: TGS-REQ authtime: 2012-02-06T19:44:47 starttime:
>>> 2012-02-06T19:44:47 endtime: 2012-02-07T05:44:47 renew till: 20
>>>
>>> we can logon and request files via the mount.
>>>
>>> Questions
>>> Does this procedure prove that nfs can use other than DES crypto?
>>
>> you can check that with wireshark. My screen shot is attached.
>>
>> Tigran.
>>
> Hi Tigran
>
> Thanks for the reply. I only seem to get smb packets:
> http://2.bp.blogspot.com/-5lxu8-GB44o/T05PfIR-vYI/AAAAAAAAARQ/pfYKQJh1AKM/s1600/w713.png
>
> 192.168.1.3 is a nfs, dns and samba server. 192.168.1.12 is a win 7 client.
> The nfs client at 192.168.1.8 doesn't figure, even though it's getting files
> and dns fine from the same server. What am I missing?
>
> Sorry to trouble you.
> Steve
>

