[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Why is the server using DES but not RC4?

To: heimdal-discuss@sics.se
Subject: Re: Why is the server using DES but not RC4?
From: "Markus Moeller" <huaraz@moeller.plus.com>
Date: Thu, 28 Jun 2007 20:38:32 +0100
List-Archive: <http://list.sics.se/sympa/arc/heimdal-discuss>
List-Help: <mailto:sympa@sics.se?subject=help>
List-Id: <heimdal-discuss.sics.se>
List-Owner: <mailto:heimdal-discuss-request@sics.se>
List-Post: <mailto:heimdal-discuss@sics.se>
List-Subscribe: <mailto:sympa@sics.se?subject=subscribe%20heimdal-discuss>
List-Unsubscribe: <mailto:sympa@sics.se?subject=unsubscribe%20heimdal-discuss>
References: <f5r893$n3a$1@sea.gmane.org> <f60r6v$2db$1@sea.gmane.org> <00dc01c7b9b4$5db085d0$0801a8c0@home> <200706282103.40125.achim@grolmsnet.de>
Reply-To: heimdal-discuss@sics.se, "Markus Moeller" <huaraz@moeller.plus.com>
Sender: news <news@sea.gmane.org>

The default with the newer ktpass is RC4, so there is no need to use the
desonly nor crypto flag at all, only maybe if you need to switch behaviour.

Markus


"Achim Grolms" <achim@grolmsnet.de> wrote in message 
200706282103.40125.achim@grolmsnet.de">news:200706282103.40125.achim@grolmsnet.de...
> On Thursday 28 June 2007 20:44, Markus Moeller wrote:
>
>> You can change it with ADSIEdit or ktpass +DESONLY or ktpass -DESONLY
>
> That means the RC4-ktpass command in <http://www.grolmsnet.de/kerbtut/>
> needs a -DESONLY to make RC4 work?
>
> This way, for example?
>
> C:\>ktpass -princ HTTP/beren.grolmsnet.de@GROLMSNET.DE
> -mapuser kerbdummy1
> -crypto rc4-hmac-nt
> -ptype KRB5_NT_SRV_HST
> -DESONLY
> -pass longlongpassword -out c:\temp\berenkeytab
>
> Thank you,
> Achim
>

Follow-Ups:
- Re: Why is the server using DES but not RC4?
  - From: Achim Grolms <achim@grolmsnet.de>

References:
- Why is the server using DES but not RC4?
  - From: Florian Erfurth <floh-erfurth@arcor.de>
- Re: Why is the server using DES but not RC4?
  - From: Florian Erfurth <floh-erfurth@arcor.de>
- Re: Why is the server using DES but not RC4?
  - From: "Markus Moeller" <huaraz@moeller.plus.com>
- Re: Why is the server using DES but not RC4?
  - From: Achim Grolms <achim@grolmsnet.de>

Prev by Date: Re: Why is the server using DES but not RC4?
Next by Date: Re: 0.9rc1 Comment #2
Prev by thread: Re: Why is the server using DES but not RC4?
Next by thread: Re: Why is the server using DES but not RC4?
Index(es):
- Date
- Thread