upgrading to 1.8.x / buster

Teddy Hogeborn teddy at recompile.se
Wed Aug 14 23:14:52 CEST 2019


Jesse Norell <jesse at kci.net> writes:

> Short version:  when upgrading old clients to new gnutls, is there a
> way to generate just the TLS keypair used to identify a client?

Yes, but you probably don't want to; see below.

>   I'm starting to update our older mandos systems to the buster with
> the latest gnutls, requiring a tls key pair for identification.  I
> added the stretch-backports repo from recompile.se and updated
> mandos-client:
>
> mandos-client                   1.8.7-1~bpo9+1       amd64                do unattended reboots with an encrypted root file system
>
> # mandos-keygen --version
> /usr/sbin/mandos-keygen 1.8.7

Note: Mandos 1.8.7 does not guarantee use of GnuTLS 3.6.6 and the new
TLS raw public keys.  If using a backport of Mandos to Debian stretch,
it will use the old GnuTLS 3.5.8 with OpenPGP keys, as always, and will
be compatible with Mandos 1.7 using the older GnuTLS.

Summary: It is GnuTLS which controls the compatibility; even Mandos
1.8.7 on stretch cannot communicate with Mandos 1.8.7 on buster, since
they use different versions of GnuTLS.  One version of GnuTLS supports
only OpenPGP keys, while the other supports only "raw public keys".
Mandos will use either style of keys, but cannot use both; there is no
version of GnuTLS which supports both.

> Now I would add key_id to the server's clients.conf, but I believe I
> have no TLS keypair created, as 'mandos-keygen -F/dev/null|grep
> ^key_id' returns empty.

Correct; the new TLS raw keys are generated when installing Mandos
1.8.7, if GnuTLS 3.6.6 is installed.  However, if GnuTLS 3.5.8 is
installed, no TLS keys will be generated.

> So I presume I must create the key pair.

Not really; the TLS keys should be created automatically on installation
of mandos-client if you have a version of GnuTLS installed which can use
the TLS keys.

> A test run of mandos-keygen indicates I must use --force to overwrite
> the old keys.  I don't see from the man page a way to create just the
> TLS keypair (maybe I'm overlooking it).  Can I generate both TLS and
> OpenPGP keys in a temp directory, then copy the TLS keys to
> /etc/keys/mandos/ ?

Yes, the keys are independent.  But, again, doing this manually should
not be necessary, and even if the keys are generated, Mandos 1.8.7 on
stretch will still be unable to communicate with Mandos 1.8.7 on buster,
since stretch and buster use different versions of GnuTLS.

> Or does the TLS key pair have to "match" the OpenPGP keypair, so I'll
> just need to wipe out all old keys, generate new ones, and replace the
> whole section in clients.conf?

Not necessary; the OpenPGP and TLS session keys are independent.

> (release notes indicate I should be able to add just the key_id)

Once the TLS raw keys are generated and GnuTLS 3.6.6 or later is used,
the "key_id" option will take over the role which the "fingerprint"
option previously had.

/Teddy Hogeborn

-- 
The Mandos Project
https://www.recompile.se/mandos
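The compatibility rule in the reply above (GnuTLS 3.6.6 or later means TLS raw public keys and "key_id"; older GnuTLS such as 3.5.8 on stretch means OpenPGP keys and "fingerprint") is easy to misjudge from the Mandos version alone. The following script is an added example, not code from the post or from the Mandos project: it classifies a host by its installed GnuTLS version. The Debian package name libgnutls30, the helper names and the 3.6.6 threshold as written here are assumptions for the example; the threshold is the one stated in the reply.

```shell
#!/bin/sh
# Added example (not from the mailing list post or the Mandos project).
# Decide which Mandos key style a host will end up using, following the
# rule in Teddy's reply: GnuTLS >= 3.6.6 -> TLS raw public keys (key_id),
# anything older (e.g. 3.5.8 on stretch) -> OpenPGP keys (fingerprint).

# Compare two dotted numeric versions; prints -1, 0 or 1.
# Assumes purely numeric components (no ~bpo or +deb suffixes).
version_cmp() {
    a="$1" b="$2"
    while [ -n "$a" ] || [ -n "$b" ]; do
        ah=${a%%.*}; bh=${b%%.*}
        # Drop the leading component; empty string once nothing is left.
        case "$a" in *.*) a=${a#*.} ;; *) a= ;; esac
        case "$b" in *.*) b=${b#*.} ;; *) b= ;; esac
        if [ "${ah:-0}" -lt "${bh:-0}" ]; then echo -1; return; fi
        if [ "${ah:-0}" -gt "${bh:-0}" ]; then echo 1; return; fi
    done
    echo 0
}

# Map a GnuTLS version to the key style Mandos will use with it.
mandos_key_style() {
    case "$(version_cmp "$1" 3.6.6)" in
        -1) echo openpgp ;;          # fingerprint= in clients.conf
        *)  echo raw-public-key ;;   # key_id= in clients.conf
    esac
}

# Read the installed library version on Debian (package name assumed to be
# libgnutls30) and strip the epoch and the Debian revision.
installed_gnutls_version() {
    dpkg-query -W -f '${Version}\n' libgnutls30 2>/dev/null \
        | sed 's/^[0-9]*://; s/[-~].*//'
}

v=$(installed_gnutls_version)
if [ -n "$v" ]; then
    echo "GnuTLS $v -> Mandos will use $(mandos_key_style "$v") keys"
else
    echo "libgnutls30 not found via dpkg-query; call mandos_key_style <version> directly"
fi
```

Run this on both the stretch client and the buster server: if the two hosts land in different styles, generating TLS keys on the client will not help, exactly as the reply says. On a host classified as raw-public-key, `mandos-keygen -F/dev/null | grep ^key_id` (the check from the original question) should then print a key_id line once the keys exist.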