[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: aes256 keys not supported

To: heimdal-discuss@sics.se, cyrus@univ-paris4.fr
Subject: Re: aes256 keys not supported
From: christop <christop@physik.tu-berlin.de>
Date: Wed, 28 Nov 2007 15:12:18 +0100
In-Reply-To: <sympa.1196251021.21352.349@sics.se>
List-Archive: <http://list.sics.se/sympa/arc/heimdal-discuss>
List-Help: <mailto:sympa@sics.se?subject=help>
List-Id: <heimdal-discuss.sics.se>
List-Owner: <mailto:heimdal-discuss-request@sics.se>
List-Post: <mailto:heimdal-discuss@sics.se>
List-Subscribe: <mailto:sympa@sics.se?subject=subscribe%20heimdal-discuss>
List-Unsubscribe: <mailto:sympa@sics.se?subject=unsubscribe%20heimdal-discuss>
OpenPGP: id=449A72DA
References: <sympa.1196251021.21352.349@sics.se>
Reply-To: heimdal-discuss@sics.se, christop <christop@physik.tu-berlin.de>
User-Agent: Mozilla-Thunderbird 2.0.0.4 (X11/20070828)

Greetings,
cyrus@univ-paris4.fr schrieb:
> Hello,
> 
> I try to create the master key with aes256-cts-hmac-sha1-96 but i get this :
> 
> # kstash -e aes256-cts-hmac-sha1-96  --random-key
> kstash: writing key to `/var/heimdal/m-key'
> # kadmin -l
> kadmin: kadm5_init_with_password: encryption type 18 not supported
> 
> default_enctypes =  aes256-cts-hmac-sha1-96 in [libdefaults] 
> 
> OS : FreeBSD 6.1
> heimdal-1.0.1
> 
> What's the problem ? How i can i enable aes256-cts-hmac-sha1-96 encryption type
> ?

are you using kadmin out of the base system (/usr/bin/kadmin) or out of
ports (/usr/local/sbin/kadmin)? Base system kadmin is version Heimdal
0.6.3 and may be too old for aes256-cts-hmac-sha1-96.
If you do not want to build heimdal kerberos out of base system on your
next world builds, put an NO_KERBEROS=true in you make.conf. More
possible variables are in /usr/share/examples/etc/make.conf.

Hope thats helps
 Christoph

OpenPGP digital signature

References:
- aes256 keys not supported
  - From: <cyrus@univ-paris4.fr>

Prev by Date: aes256 keys not supported
Next by Date: Fwd: Recommendations for Mixing Windows and non-Windows Domains?
Prev by thread: aes256 keys not supported
Next by thread: Fwd: Recommendations for Mixing Windows and non-Windows Domains?
Index(es):
- Date
- Thread