Re: supported_enctypes question

2009-08-27 Thread Tom Yu
Kevin Coffman k...@citi.umich.edu writes: Wed, Aug 26, 2009 at 3:21 PM, Tom Yu t...@mit.edu wrote: Russ Allbery r...@stanford.edu writes: default_enctypes, maybe? Possibly... though we do already have default_tkt_enctypes and default_tgs_enctypes, which mean something completely different.

Re: supported_enctypes question

2009-08-27 Thread Kevin Coffman
On Thu, Aug 27, 2009 at 3:23 PM, Tom Yu t...@mit.edu wrote: Kevin Coffman k...@citi.umich.edu writes: Wed, Aug 26, 2009 at 3:21 PM, Tom Yu t...@mit.edu wrote: Russ Allbery r...@stanford.edu writes: default_enctypes, maybe? Possibly... though we do already have default_tkt_enctypes and

supported_enctypes question

2009-08-26 Thread John Harris
Greetings, I currently have a MIT KDC where I need to use the des-cbc-crc:normal encryption type on *one* service principal. The rest of my KDC all principals can be aes or rc4. I'm confused as to what I need in my config and what will work. If I just have aes256-cts:normal and

Re: supported_enctypes question

2009-08-26 Thread Tom Yu
John Harris har...@ucdavis.edu writes: Greetings, I currently have a MIT KDC where I need to use the des-cbc-crc:normal encryption type on *one* service principal. The rest of my KDC all principals can be aes or rc4. I'm confused as to what I need in my config and what will work. If

Re: supported_enctypes question

2009-08-26 Thread Tom Yu
Russ Allbery r...@stanford.edu writes: Tom Yu t...@mit.edu writes: John Harris har...@ucdavis.edu writes: If I just have aes256-cts:normal and rc4-hmac:normal listed in kdc.conf in the supported_enctypes field, I'm still able to create the des-cbc-crc:normal service principal I need. In

Re: supported_enctypes question

2009-08-26 Thread Russ Allbery
Tom Yu t...@mit.edu writes: John Harris har...@ucdavis.edu writes: If I just have aes256-cts:normal and rc4-hmac:normal listed in kdc.conf in the supported_enctypes field, I'm still able to create the des-cbc-crc:normal service principal I need. In fact, I can kinit -S for it and obtain

Re: supported_enctypes question

2009-08-26 Thread Kevin Coffman
Wed, Aug 26, 2009 at 3:21 PM, Tom Yu t...@mit.edu wrote: Russ Allbery r...@stanford.edu writes: Tom Yu t...@mit.edu writes: John Harris har...@ucdavis.edu writes: If I just have aes256-cts:normal and rc4-hmac:normal listed in kdc.conf in the supported_enctypes field, I'm still able to

Re: supported_enctypes question

2009-08-26 Thread John Harris
Thanks so much Tom; that makes sense to me. I would vote for not changing it since it's been like, you know, 20 years in the making, but if we're gonna change it perhaps: harris_enctypes ? :) Tom Yu wrote: John Harris har...@ucdavis.edu writes: Greetings, I currently have a MIT KDC