Package: krb5-admin-server
Version: 1.17-4
Severity: normal
Version 1.17-4 of the kerberos 5 packages removes single DES support. If
such encryption types are enabled in kdc.conf, the admin server will error
out with:
kadmind: Required parameters in kdc.conf missing while initializing
It is not at all clear from the error message what the problem is. Removing
DES encryption types allows the admin server to start correctly.
It would be great if the error message could be improved. Failing (or
perhaps in addition to) that the preinst script could check for deprecated
encryption types and warn the user that the configuration needs to be
modified or krb5 will break.
-- System Information:
Debian Release: 10.0
APT prefers unstable
APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable'), (500,
'oldstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 4.14.24-core2-server (SMP w/8 CPU cores)
Kernel taint flags: TAINT_WARN, TAINT_OOT_MODULE
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8),
LANGUAGE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)
Versions of packages krb5-admin-server depends on:
ii debconf [debconf-2.0] 1.5.72
ii krb5-kdc 1.17-4
ii libc6 2.28-10
ii libcom-err21.45.2-1
ii libgssapi-krb5-2 1.17-4
ii libgssrpc4 1.17-4
ii libk5crypto3 1.17-4
ii libkadm5srv-mit11 1.17-4
ii libkdb5-9 1.17-4
ii libkeyutils1 1.6-6
ii libkrb5-3 1.17-4
ii libkrb5support01.17-4
ii libss2 1.45.2-1
ii libverto1 0.3.0-2
ii lsb-base 10.2019051400
krb5-admin-server recommends no packages.
krb5-admin-server suggests no packages.
-- debconf information:
* krb5-admin-server/newrealm: