Public key cryptography for secure Network File System
Both the public key and the secret key of the user are stored and indexed by the net name in the publickey.byname map.
The secret key is DES-encrypted with the user login password. The keylogin command uses the encrypted secret key, decrypts it with the login password, then gives it to a secure local key server to save for use in future RPC transactions. Users are not aware of their public and secret keys because the yppasswd command, in addition to changing the login password, generates the public and secret keys automatically.
The keyserv daemon is an RPC service that runs on each NIS and NIS+ machine. For information on how NIS+ uses keyserv, see Network Information Services (NIS and NIS+) Guide. Within NIS, keyserv runs the following public key subroutines:
- key_setsecret subroutine
- key_encryptsession subroutine
- key_decryptsession subroutine
The key_setsecret subroutine tells the key server to store the secret key of the user (SKA) for future use; it is normally called by the keylogin command. The client program calls the key_encryptsession subroutine to generate the encrypted conversation key, which is passed in the first RPC transaction to a server. The key server looks up the server public key and combines it with the secret key of the client (set up by a previous key_setsecret subroutine) to generate the common key. The server asks the key server to decrypt the conversation key by calling the key_decryptsession subroutine.
Implicit in these subroutine calls is the name of the caller, which must be authenticated in some manner. The key server cannot use DES authentication to do this, because it would create a deadlock. The key server solves this problem by storing the secret keys by the user ID (UID) and only granting requests to local root processes. The client process then runs a root-user-owned setuid subroutine that makes the request on behalf of the client, telling the key server the real UID of the client.
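The exchange described in the two paragraphs above, modelled end to end as an added example (not code from the original documentation or from keyserv itself). The method names mirror the subroutine names, but their parameters, the demo group P and G, the XOR-pad stand-in for DES, and the net names are assumptions made for illustration.

```python
import hashlib, secrets

P, G = 2**127 - 1, 3  # demo-only group (assumption), not the real secure RPC parameters

def xor_pad(key: bytes, data: bytes) -> bytes:
    """Stand-in for DES (assumption): XOR with a SHA-256 pad, so it is its own inverse."""
    pad = hashlib.sha256(key).digest()
    return bytes(a ^ b for a, b in zip(data, pad))

def make_entry(password: str):
    """publickey.byname value: (public key, secret key encrypted with the login password)."""
    secret = secrets.randbelow(P - 3) + 2
    return pow(G, secret, P), xor_pad(password.encode(), secret.to_bytes(16, "big"))

class KeyServer:
    """Toy key server: secret keys indexed by UID, requests accepted from local root only."""
    def __init__(self, pkmap):
        self.pkmap, self.by_uid = pkmap, {}

    def common_key(self, euid, real_uid, remote):
        if euid != 0:  # the caller must be the root-owned setuid helper
            raise PermissionError("requests are granted to local root processes only")
        # Peer's public key combined with the stored secret key gives the common key.
        shared = pow(self.pkmap[remote][0], self.by_uid[real_uid], P)
        return shared.to_bytes(16, "big")

    def key_setsecret(self, euid, real_uid, secret):
        if euid != 0:
            raise PermissionError("requests are granted to local root processes only")
        self.by_uid[real_uid] = secret

    def key_encryptsession(self, euid, real_uid, remote, conv_key):
        return xor_pad(self.common_key(euid, real_uid, remote), conv_key)

    def key_decryptsession(self, euid, real_uid, remote, wire):
        return xor_pad(self.common_key(euid, real_uid, remote), wire)

def keylogin(ks, netname, uid, password):
    """Decrypt the stored secret key with the login password and hand it to the key server."""
    secret = int.from_bytes(xor_pad(password.encode(), ks.pkmap[netname][1]), "big")
    ks.key_setsecret(0, uid, secret)

def demo():
    client, server = "unix.1001@example.test", "unix.0@example.test"  # constructed net names
    pkmap = {client: make_entry("client-pw"), server: make_entry("server-pw")}
    client_ks, server_ks = KeyServer(pkmap), KeyServer(pkmap)  # one key server per machine
    keylogin(client_ks, client, 1001, "client-pw")
    keylogin(server_ks, server, 0, "server-pw")
    conv_key = secrets.token_bytes(8)  # conversation key chosen by the client
    wire = client_ks.key_encryptsession(0, 1001, server, conv_key)  # sent in the first RPC
    return conv_key, wire, server_ks.key_decryptsession(0, 0, client, wire)
```

Both machines derive the same common key without either secret key leaving its key server, which is why the conversation key can travel encrypted in the first RPC transaction.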