The version of AFS which can use enctypes other than single DES is already on all the AFS servers except the AFSDB servers. For the AFSDB servers, it should just be a case of installing the RPMs, as there's no kernel module involved. They'll ask for a reboot, but this can be ignored for now. They should be done one at a time, but reasonably quickly one after the other.
The re-key is then "just" a case of following the instructions.
Remember to use
-e to select a nice set of enctypes
explicitly, as the default set isn't quite what we would like.
(The list in the OpenAFS documents seems reasonable, though we do need to
make sure that there's a non-empty intersection with kdc.conf's list.)
Craig will do this under Toby's watchful gaze!
The new keytab then has to be propagated out to all 16 or so servers and 3 AFSDB servers quickly, so as to minimise breakage for people newly authenticating. The servers have to be restarted to bring this into effect. See the OpenAFS instructions for how to do all this.
We decided that this should be done ASAP. Craig will put out a sys-announce message today warning of intermittent AFS access glitches. The target time is 13:00 tomorrow (Tuesday 30th).
2013-07-30T13:30 update: all done down to here.
This should fix the immediate issue. Given that our internal network is (reasonably) unsnoopable, we believe that the case for removing single-DES altogether isn't quite so urgent, but we should press on regardless.
This needs the new version to propagate out to clients and the machine to be rebooted. It'll be in this week's <stable>, then desktops will auto-reboot over the next few days (to Tuesday/Wednesday).
Servers will mostly need an explicit reboot. Given the issue, we suggest that this must be done by Friday 30th August, with Monday 2nd September as the day when DES will be dropped completely from the AFS servers. (Update: strictly, when we turn off allow_weak_crypto. See post-meeting comments below.)
What about 1.4.15? It's needed on a handful of machines. Stephen thinks it's available now, but needs to be built and tested.
Macs? 1.6.5 is the one to go for there.
Windows? It looks like 1.7.26 is the one. All the managed desktop machines (about 70) will have to be done, probably manually, by 30th August. Alison will see about this.
Self-managed Linux? Distributions vary as to how they label their packages, unfortunately. We'll need to try to come up with a list.
Generally, our documentation on upgrading AFS on various self-managed platforms needs to be checked and updated as necessary.
There are likely to be several blog articles falling out of all this. Craig will kick things off...
All COs and CSOs should be encouraged to upgrade their own home and self-managed machines, and to report how things go.
After 2nd September any non-upgraded clients will cease to work.
There's probably most work here for user-support. There doesn't seem to be a huge amount elsewhere that would be likely to delay other projects significantly. However this will need to be a priority item for all involved.
We have had des3 in the KDCs' enctypes list for a long time (possibly "forever"). There should therefore be no current keys which are single-DES-only: users will either have rekeyed during the Big Password Change or will have been locked out; services will have been rekeyed during the SL6 reinstallation. We think AFS should be the only thing currently still using single-DES.
Therefore, it should be safe (after the AFS switch has been thrown) to turn off allow_weak_crypto on the KDCs. (Update: they're really one and the same thing.)
Longer term, we need to think about adding additional enctypes to the KDCs (e.g. aes256), and whether we should be enabling preauth for server principals as well as user principals.
Please contact us with any comments or corrections.
Unless explicitly stated otherwise, all material is copyright The University of Edinburgh