Kerberos ktutil: Available Encryption Types and How to Choose the Strongest


When working with ktutil to create Kerberos keytabs, one of the most common questions is which encryption types (enctypes) the -e option accepts. The ktutil man page doesn't list them, which can be frustrating when you're trying to create a secure keytab.

ktutil itself has no command that prints the supported set. For MIT Kerberos the authoritative list is the ENCRYPTION TYPES section of the krb5.conf(5) man page, and the names there are the ones -e accepts. On a current release they are:

aes256-cts-hmac-sha1-96
aes128-cts-hmac-sha1-96
aes256-cts-hmac-sha384-192 (RFC 8009, MIT 1.15 and later)
aes128-cts-hmac-sha256-128 (RFC 8009, MIT 1.15 and later)
camellia256-cts-cmac
camellia128-cts-cmac
des3-cbc-sha1 (deprecated)
arcfour-hmac (deprecated)

What matters more in practice is which enctypes the KDC actually holds keys for on the principal you are exporting, because a keytab entry only works if it matches a key on the KDC. kadmin shows that (use kadmin.local on the KDC host):

$ kadmin -q 'getprinc user@EXAMPLE.COM'
...
Number of keys: 2
Key: vno 1, aes256-cts-hmac-sha1-96
Key: vno 1, aes128-cts-hmac-sha1-96

The strongest available encryption types are typically:

  • aes256-cts-hmac-sha1-96 (recommended: AES-256, supported by every current KDC and client, including Active Directory)
  • camellia256-cts-cmac
  • aes128-cts-hmac-sha1-96

The SHA-2 variant aes256-cts-hmac-sha384-192 is stronger on paper, but only use it where the KDC and every consumer of the keytab support it; Active Directory does not.

Here's how to create a keytab using AES-256 encryption. Two values must match what the KDC has or the keytab will not authenticate: the kvno (-k) must be the principal's current key version (the "vno" shown by getprinc), and the password must be turned into a key with the same salt the KDC used (the default salt is the realm followed by the principal name; pass -s if the KDC used a different one, and recent MIT releases accept -f to fetch enctype and salt from the KDC):

$ ktutil
ktutil: add_entry -password -p user@EXAMPLE.COM -k 1 -e aes256-cts-hmac-sha1-96
Password for user@EXAMPLE.COM: [enter password]
ktutil: write_kt user.keytab
ktutil: quit

Note that write_kt appends to an existing keytab rather than replacing it, so remove an old user.keytab first or you will end up with stale entries beside the new one.

After creation, verify the encryption type used:

$ klist -kte user.keytab
Keytab name: FILE:user.keytab
KVNO Timestamp         Principal
---- ----------------- --------------------------------------------------------
   1 [timestamp]       user@EXAMPLE.COM (aes256-cts-hmac-sha1-96)

klist only reports what is in the file; it cannot tell you whether the key matches the KDC's. The real check is to obtain a ticket with the keytab:

$ kinit -kt user.keytab user@EXAMPLE.COM
$ klist -e

A wrong password or salt shows up here as "Preauthentication failed". A wrong kvno in a service keytab shows up later, when the service tries to accept a ticket, as "Key version number for principal in key table is incorrect".

While AES-256 is the strongest widely supported choice, ensure every system that will use the keytab supports it. Some older systems might only support:

  • arcfour-hmac (RC4, weak; deprecated by RFC 8429)
  • des3-cbc-sha1 (Triple DES, also deprecated by RFC 8429)

General guidance:

  1. Always use the strongest encryption type the KDC and all consumers of the keytab support
  2. Set strict file permissions (600) on keytab files; anyone who can read the file holds the principal's long-term key and can impersonate it until the key is changed
  3. Rotate keytabs regularly; a rotation bumps the kvno, so keep the previous kvno's entry until tickets issued under it have expired
  4. Avoid weak encryption types like DES, RC4 and Triple DES

When working with ktutil to create keytabs, you'll encounter the -e parameter which specifies encryption types. Kerberos supports multiple encryption algorithms, each with different security strengths.

Here are the most common encryption types supported in current Kerberos implementations:

aes256-cts-hmac-sha1-96
aes128-cts-hmac-sha1-96
arcfour-hmac (RC4-HMAC, weak; deprecated by RFC 8429)
des3-cbc-sha1 (Triple DES, deprecated by RFC 8429)
des-cbc-crc (single DES, broken; deprecated by RFC 6649 and removed from MIT krb5 in 1.18)

klist -e does not list what the installation supports; it shows which enctypes were negotiated for the tickets already in your cache (session key and ticket key), which is the quick way to confirm AES-256 is actually in use after a kinit:

$ klist -e
Ticket cache: FILE:/tmp/krb5cc_1000
Default principal: user@EXAMPLE.COM

Valid starting     Expires            Service principal
07/22/23 10:00:00  07/22/23 20:00:00  krbtgt/EXAMPLE.COM@EXAMPLE.COM
        renew until 07/23/23 10:00:00, Etype (skey, tkt): aes256-cts-hmac-sha1-96, aes256-cts-hmac-sha1-96

For maximum security, always prefer AES-256. Here's how to use it in ktutil:

$ ktutil
ktutil: add_entry -password -p user@DOMAIN.COM -k 1 -e aes256-cts-hmac-sha1-96
Password for user@DOMAIN.COM:
ktutil: write_kt user.keytab
ktutil: quit

After creation, check the encryption types in your keytab:

$ klist -kte user.keytab
Keytab name: FILE:user.keytab
KVNO Timestamp         Principal
---- ----------------- --------------------------------------------------------
   1 07/22/23 10:00:00 user@DOMAIN.COM (aes256-cts-hmac-sha1-96)

For compatibility, you might want to include multiple encryption types. The KDC must hold a key of each enctype at that kvno (getprinc lists them), and each add_entry prompts for the password again:

ktutil: add_entry -password -p user@DOMAIN.COM -k 1 -e aes256-cts-hmac-sha1-96
ktutil: add_entry -password -p user@DOMAIN.COM -k 1 -e aes128-cts-hmac-sha1-96
ktutil: write_kt user_compat.keytab

klist -kte then shows one line per entry, and the service or client picks the entry whose enctype matches the ticket or the KDC's request.

Avoid these weaker encryption types in new deployments:

  • arcfour-hmac (RC4; deprecated by RFC 8429, and its key is the unsalted NT hash of the password, so a captured ticket is far cheaper to crack offline than an AES one)
  • des-cbc-crc (single DES is cryptographically broken and was removed from MIT krb5 in 1.18)
  • des3-cbc-sha1 (Triple DES; deprecated by RFC 8429)
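To make "check the encryption types in your keytab" concrete, here is an added example (not code from the original post or from MIT Kerberos) that parses the keytab file format klist -kte reads and flags entries that use the deprecated enctypes listed above. It also covers the multi-enctype compatibility keytab from the previous section: the constructed sample holds AES-256 and AES-128 entries for user@EXAMPLE.COM at the same kvno, a deleted entry (ktutil's delete_entry leaves these behind as negative-size holes), and a leftover RC4 entry for a hypothetical host/web01.example.com service that the audit reports. The key bytes in the sample are dummy constants, not keys derived from any password, and every function and variable name is this example's own.

```python
"""Audit the enctypes in a Kerberos keytab (added example, not the post's code
or MIT's; parses the v2 file format that klist -kte reads and flags enctypes
deprecated by RFC 6649 / RFC 8429; the sample keytab below uses dummy keys)."""
import stat
import struct

# Enctype numbers from RFC 3961/3962/6803/8009, exactly as stored in the file.
ENCTYPE_NAMES = {
    1: "des-cbc-crc", 3: "des-cbc-md5", 16: "des3-cbc-sha1",
    17: "aes128-cts-hmac-sha1-96", 18: "aes256-cts-hmac-sha1-96",
    19: "aes128-cts-hmac-sha256-128", 20: "aes256-cts-hmac-sha384-192",
    23: "arcfour-hmac", 25: "camellia128-cts-cmac", 26: "camellia256-cts-cmac",
}
DEPRECATED = {1, 3, 16, 23}  # single DES, Triple DES and RC4

def _counted(data: bytes) -> bytes:
    """Counted octet string: 16-bit big-endian length followed by the bytes."""
    return struct.pack(">H", len(data)) + data

def build_entry(principal: str, kvno: int, enctype: int, key: bytes, ts: int) -> bytes:
    """Serialise one keytab entry; used here only to construct the sample file."""
    name, realm = principal.split("@", 1)
    comps = name.split("/")
    body = struct.pack(">H", len(comps)) + _counted(realm.encode())
    for c in comps:
        body += _counted(c.encode())
    body += struct.pack(">IIB", 1, ts, kvno & 0xFF)  # name type KRB5_NT_PRINCIPAL
    body += struct.pack(">H", enctype) + _counted(key)
    body += struct.pack(">I", kvno)  # optional 32-bit kvno written by modern MIT
    return struct.pack(">i", len(body)) + body

def as_hole(entry: bytes) -> bytes:
    """Mark an entry deleted the way ktutil's delete_entry does: negate its size."""
    (size,) = struct.unpack(">i", entry[:4])
    return struct.pack(">i", -size) + entry[4:]

def parse_keytab(data: bytes) -> list:
    """Return one dict per live entry; holes (negative size) are skipped."""
    if data[:2] != b"\x05\x02":
        raise ValueError("not a version 2 keytab")
    pos, entries = 2, []
    while pos + 4 <= len(data):
        (size,) = struct.unpack(">i", data[pos:pos + 4])
        pos += 4
        if size <= 0:
            pos -= size
            continue
        end = pos + size
        (ncomp,) = struct.unpack(">H", data[pos:pos + 2])
        pos += 2
        strings = []
        for _ in range(ncomp + 1):  # realm first, then each name component
            (n,) = struct.unpack(">H", data[pos:pos + 2])
            strings.append(data[pos + 2:pos + 2 + n].decode())
            pos += 2 + n
        _ntype, ts, vno8 = struct.unpack(">IIB", data[pos:pos + 9])
        enctype, klen = struct.unpack(">HH", data[pos + 9:pos + 13])
        pos += 13 + klen  # skip the key material; an audit never needs it
        kvno = vno8
        if end - pos >= 4:  # 32-bit kvno, when present and non-zero, wins
            (kvno32,) = struct.unpack(">I", data[pos:pos + 4])
            kvno = kvno32 or vno8
        pos = end
        entries.append({
            "principal": "/".join(strings[1:]) + "@" + strings[0],
            "kvno": kvno, "timestamp": ts, "enctype": enctype,
            "enctype_name": ENCTYPE_NAMES.get(enctype, "unknown(%d)" % enctype),
            "deprecated": enctype in DEPRECATED,
        })
    return entries

def audit_keytab(data: bytes) -> dict:
    """Summarise a keytab: all entries, the deprecated ones, and pass/fail."""
    entries = parse_keytab(data)
    weak = [e for e in entries if e["deprecated"]]
    return {"entries": entries, "weak": weak, "ok": bool(entries) and not weak}

def mode_is_private(mode: int) -> bool:
    """The chmod 600 check: no group/other permission bit set on st_mode."""
    return stat.S_IMODE(mode) & 0o077 == 0

# Constructed sample: a compatibility keytab (AES-256 and AES-128 at kvno 1),
# a deleted Triple-DES entry, and a leftover RC4 key for a hypothetical host.
_TS = 1690020000  # 2023-07-22 10:00:00 UTC, matching the timestamps above
SAMPLE_KEYTAB = (
    b"\x05\x02"
    + build_entry("user@EXAMPLE.COM", 1, 18, b"\x11" * 32, _TS)
    + as_hole(build_entry("user@EXAMPLE.COM", 1, 16, b"\x33" * 24, _TS))
    + build_entry("user@EXAMPLE.COM", 1, 17, b"\x22" * 16, _TS)
    + build_entry("host/web01.example.com@EXAMPLE.COM", 3, 23, b"\x44" * 16, _TS)
)

if __name__ == "__main__":
    report = audit_keytab(SAMPLE_KEYTAB)
    for e in report["entries"]:
        status = "DEPRECATED" if e["deprecated"] else "ok"
        print("%4d %-36s %-28s %s" % (e["kvno"], e["principal"], e["enctype_name"], status))
    raise SystemExit(0 if report["ok"] else 1)
```

Run as a script it prints one line per live entry and exits non-zero when a deprecated enctype is present, so it drops straight into a configuration check. To audit a real file, pass open(path, "rb").read() to audit_keytab and os.stat(path).st_mode to mode_is_private. The 32-bit kvno trailer matters in practice: the original 8-bit field wraps at 256, so a principal that has been rotated many times only reports its true kvno through the trailer.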