Details

    • Type: New Feature New Feature
    • Status: Open
    • Priority: Major Major
    • Resolution: Unresolved
    • Affects Version/s: 2.0.0-RC1
    • Fix Version/s: 2.0.0-RC1
    • Component/s: None
    • Labels:
      None

      Description

      User keys are currently stored in the DIT as plaintext keys, for example, in the krb5key. These keys should be encrypted with the server master key. The server master key should be stored in the Eve system partition.

        Activity

        Hide
        Emmanuel Lecharny added a comment -

        Let's try to fix this for 2.0

        Show
        Emmanuel Lecharny added a comment - Let's try to fix this for 2.0
        Hide
        Enrique Rodriguez added a comment -

        KDC master keys are typically stored in their own file and protected by filesystem permissions. The KDC master key stash file should provide the option of password protection.

        Show
        Enrique Rodriguez added a comment - KDC master keys are typically stored in their own file and protected by filesystem permissions. The KDC master key stash file should provide the option of password protection.

          People

          • Assignee:
            Enrique Rodriguez
            Reporter:
            Enrique Rodriguez
          • Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

            • Due:
              Created:
              Updated:

              Development