[Freeipa-users] Use of FreeIPA or FreeIPA LDAP server to hold private keys
Ian Stokes-Rees
ijstokes at hkl.hms.harvard.edu
Wed Aug 3 18:13:06 UTC 2011
On Wed Aug 3 14:05:51 2011, Stephen Gallagher wrote:
> No, the way that such a system would work is that the password would
> never be passed to the central server. Only the encrypted data would be
> sent and received. All decryption would happen locally. The most a
> man-in-the-middle attack could accomplish would be damaging the file so
> it couldn't be decrypted anymore. That could accomplish a
> denial-of-service, but not grant the attacker privileges to use your
> keys.
Yes, of course. I work so much on machines hosted in racks in some
server room that I forget a lot of people do most of their work on a
single physical machine that could have strong privilege separation so
even "administrators" can't normally access the machine. I guess I'm
imagining an environment where if there is *any* interest in a central
keystore, then there are administrators who have full access to all
systems that would access that central keystore, but your scenario is
certainly possible. As you've pointed out, with that degree of
autonomy over your own system surely it follows that you could choose
not to use a central keystore if one were provided.
Ian