2022-09-29 16:20:03

by Chuck Lever III

Subject: Re: LINUX NFS support for SHA256 hash types



> On Sep 28, 2022, at 8:04 AM, jaganmohan kanakala <[email protected]> wrote:
>
> Hi Linux-NFS team,
>
> I'm trying to set up the Kerberos5 setup with MIT as the KDC on my
> RHEL 8 machines.
> I'm able to get the setup working with Kerberos encryption types where
> the hash type is SHA1 (aes128-cts-hmac-sha1-96 and
> aes256-cts-hmac-sha1-96).
>
> As SHA1 is kind of obsolete, my goal is to get my setup working for
> SHA256 hash types (aes128-cts-hmac-sha256-128,
> aes256-cts-hmac-sha384-192).
>
> I tried that. The communication between the Linux client and MIT KDC
> is aes128-cts-hmac-sha256-128, but the communication between the Linux
> client and Linux NFS server is only aes256-cts-hmac-sha1-96.
>
> When I checked the Linux upstream code I see that there is no support
> for SHA256 (and above) hash types.
>
> https://github.com/torvalds/linux/blob/5bfc75d92efd494db37f5c4c173d3639d4772966/net/sunrpc/auth_gss/gss_krb5_mech.c
>
> Have I looked at the right source code?
> Does the latest Linux NFS server have support for Kerberos encryption
> types aes128-cts-hmac-sha256-128, aes256-cts-hmac-sha384-192?
>
> Can anyone confirm?

As far as I know, the Linux in-kernel SunRPC RPCSEC GSS implementation
does not support the new encryption types defined in RFC 8009. That
means neither the in-kernel client nor server supports these types at
this time.

I'm not aware of plans to implement support for these. Cc'ing the
crypto mailing list to see if others are considering it.


--
Chuck Lever




2022-10-07 09:30:01

by jaganmohan kanakala

Subject: Re: LINUX NFS support for SHA256 hash types

Hi Chuck,

Many thanks for your confirmation. It helped me a lot.

BR,
Jaganmohan K

On Thu, 29 Sept 2022 at 21:48, Chuck Lever III <[email protected]> wrote:
>
>
>
> > On Sep 28, 2022, at 8:04 AM, jaganmohan kanakala <[email protected]> wrote:
> >
> > Hi Linux-NFS team,
> >
> > I'm trying to set up the Kerberos5 setup with MIT as the KDC on my
> > RHEL 8 machines.
> > I'm able to get the setup working with Kerberos encryption types where
> > the hash type is SHA1 (aes128-cts-hmac-sha1-96 and
> > aes256-cts-hmac-sha1-96).
> >
> > As SHA1 is kind of obsolete, my goal is to get my setup working for
> > SHA256 hash types (aes128-cts-hmac-sha256-128,
> > aes256-cts-hmac-sha384-192).
> >
> > I tried that. The communication between the Linux client and MIT KDC
> > is aes128-cts-hmac-sha256-128, but the communication between the Linux
> > client and Linux NFS server is only aes256-cts-hmac-sha1-96.
> >
> > When I checked the Linux upstream code I see that there is no support
> > for SHA256 (and above) hash types.
> >
> > https://github.com/torvalds/linux/blob/5bfc75d92efd494db37f5c4c173d3639d4772966/net/sunrpc/auth_gss/gss_krb5_mech.c
> >
> > Have I looked at the right source code?
> > Does the latest Linux NFS server have support for Kerberos encryption
> > types aes128-cts-hmac-sha256-128, aes256-cts-hmac-sha384-192?
> >
> > Can anyone confirm?
>
> As far as I know, the Linux in-kernel SunRPC RPCSEC GSS implementation
> does not support the new encryption types defined in RFC 8009. That
> means neither the in-kernel client nor server supports these types at
> this time.
>
> I'm not aware of plans to implement support for these. Cc'ing the
> crypto mailing list to see if others are considering it.
>
>
> --
> Chuck Lever
>
>
>