[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: aes256 keys not supported

cyrus@univ-paris4.fr schrieb:
> Hello,
> I try to create the master key with aes256-cts-hmac-sha1-96 but i get this :
> # kstash -e aes256-cts-hmac-sha1-96  --random-key
> kstash: writing key to `/var/heimdal/m-key'
> # kadmin -l
> kadmin: kadm5_init_with_password: encryption type 18 not supported
> default_enctypes =  aes256-cts-hmac-sha1-96 in [libdefaults] 
> OS : FreeBSD 6.1
> heimdal-1.0.1
> What's the problem ? How i can i enable aes256-cts-hmac-sha1-96 encryption type
> ?

are you using kadmin out of the base system (/usr/bin/kadmin) or out of
ports (/usr/local/sbin/kadmin)? Base system kadmin is version Heimdal
0.6.3 and may be too old for aes256-cts-hmac-sha1-96.
If you do not want to build heimdal kerberos out of base system on your
next world builds, put an NO_KERBEROS=true in you make.conf. More
possible variables are in /usr/share/examples/etc/make.conf.

Hope thats helps

OpenPGP digital signature