Secure Transfer of Keytab file from Windows DC to embedded device

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Secure Transfer of Keytab file from Windows DC to embedded device

sandypossible
Hi all,

I am working on implementing Kerberos on an embedded device. I am using
 windows DC as KDC for the embedded device. Since the keytab for my
device has to be created on the windows DC. I am mainly looking in to
how to get it on the device securely.
* Do I need to copy the keytab file from windows DC to my device ? I
mean, is there any automated way of doing this on the  device itself
similar to kadmin, ktadd  ? I didnt find any info regarding this.

* Is there already a defined protocol for copying keytab from windows
DC  ? Documents say "copy the keytab from windows DC to the application
server"

* If I MUST copy the keytab file from windows DC to the device, will
just copying using ftp or any other method which is not secure will do
?

* If I have to copy it securely,  how can I copy it securely ? Do I
need to use secure ftp or any such method ?

Could any body please let me know which will be the best way of doing
this ?

Regards
Sandy

________________________________________________
Kerberos mailing list           [hidden email]
https://mailman.mit.edu/mailman/listinfo/kerberos
Reply | Threaded
Open this post in threaded view
|

Re: Secure Transfer of Keytab file from Windows DC to embedded device

Markus Moeller
Sandy,

there are tools available for this like ads net join which is part of samba,
or use Dan Perry's tool at
http://www.pppl.gov/~dperry/msktutil/ . I have also an updated ktpass tool
for Unix on sourceforge
based on MS open source.

Markus

<[hidden email]> wrote in message
news:[hidden email]...

> Hi all,
>
> I am working on implementing Kerberos on an embedded device. I am using
> windows DC as KDC for the embedded device. Since the keytab for my
> device has to be created on the windows DC. I am mainly looking in to
> how to get it on the device securely.
> * Do I need to copy the keytab file from windows DC to my device ? I
> mean, is there any automated way of doing this on the  device itself
> similar to kadmin, ktadd  ? I didnt find any info regarding this.
>
> * Is there already a defined protocol for copying keytab from windows
> DC  ? Documents say "copy the keytab from windows DC to the application
> server"
>
> * If I MUST copy the keytab file from windows DC to the device, will
> just copying using ftp or any other method which is not secure will do
> ?
>
> * If I have to copy it securely,  how can I copy it securely ? Do I
> need to use secure ftp or any such method ?
>
> Could any body please let me know which will be the best way of doing
> this ?
>
> Regards
> Sandy
>
> ________________________________________________
> Kerberos mailing list           [hidden email]
> https://mailman.mit.edu/mailman/listinfo/kerberos
>



________________________________________________
Kerberos mailing list           [hidden email]
https://mailman.mit.edu/mailman/listinfo/kerberos