No, allow_weak_crypto is set to true:
[libdefaults]
# default_realm = EXAMPLE.COM
default_realm = MINIPAX.TERRORONWAR.ORG
clockskew = 300
allow_weak_crypto = true
# permitted_enctypes = "des-cbc-crc arcfour-hmac des3-cbc-sha1
aes128-cts-hmac-sha1-96 aes256-cts-
On Fri, 21 Mar 2014, ольга крыжановская wrote:
Plain des-cbc-crc only authentication doesn't seem to be supported, any more:
Most likely, you still have the 'allow_weak_crypto' setting in krb5.conf
at its default value, false.
-Ben
$ kadmin
Authenticating as principal root/ad...@minipax.t
Plain des-cbc-crc only authentication doesn't seem to be supported, any more:
$ kadmin
Authenticating as principal root/ad...@minipax.terroronwar.org with password.
kadmin: KDC has no support for encryption type while initializing
kadmin interface
Olga
On Thu, Mar 20, 2014 at 11:32 PM, Benjamin
On Thu, 20 Mar 2014, Wendy Lin wrote:
> I have this in my Suse 11.3 /etc/krb.conf for libdefaults:
>
>allow_weak_crypto = true
> # permitted_enctypes = "des-cbc-crc arcfour-hmac des3-cbc-sha1
> aes128-cts-hmac-sha1-96 aes256-cts-hmac-sha1-96"
>permitted_enctypes = "des-cbc-cr
On Thu, 2014-03-20 at 23:01 +0100, Wendy Lin wrote:
> I have this in my Suse 11.3 /etc/krb.conf for libdefaults:
>
> allow_weak_crypto = true
> # permitted_enctypes = "des-cbc-crc arcfour-hmac des3-cbc-sha1
> aes128-cts-hmac-sha1-96 aes256-cts-hmac-sha1-96"
> permitted_enctyp
I have this in my Suse 11.3 /etc/krb.conf for libdefaults:
allow_weak_crypto = true
# permitted_enctypes = "des-cbc-crc arcfour-hmac des3-cbc-sha1
aes128-cts-hmac-sha1-96 aes256-cts-hmac-sha1-96"
permitted_enctypes = "des-cbc-crc"
Now if I try to kinit I get this error:
kin