[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: i need help configuring encryption type in kdc
Sujeevan Rasaratnam <firstname.lastname@example.org> writes:
> I need to force it to use des-cbc-crc or des-cbc-md5 because
> kerberos support in jaas (java authentication and authorization
> service) only supports those encryption types.
Are you using it as client or server?
The client should send a list of etypes it supports, so let's hope
For the server case, you will have to remove the enctypes the server
doesn't handle (with kadmin del_enctype).
These are MIT settings, which we should perhaps support (the last
should be default_tkt_enctypes).
Instead we have a "default_etypes" which roughly corresponds to
these. They only affect the client though (I believe this is the case
with default_*_enctypes too).