rk.
> > -原始邮件-
> > 发件人: "Brandon Allbery" <ballb...@sinenomine.net>
> > 发送时间: 2016-05-10 03:16:51 (星期二)
> > 收件人: "zhaoxy...@ustc.edu.cn" <zhaoxy...@ustc.edu.cn>, "Benjamin Kaduk"
> > <ka...@mit.edu>
> > 抄送:
t;zhaoxy...@ustc.edu.cn>, "Benjamin Kaduk"
> <ka...@mit.edu>
> 抄送: "openafs-info@openafs.org" <openafs-info@openafs.org>
> 主题: RE: Re: Re: RE: [OpenAFS] ad+openafs
>
> Do your systems have keytabs on them, with host instances? Using Kerberos for
> log
pam_krb5afs.so
>
> ~
>
>
>
> > -原始邮件-----
> > 发件人: "Benjamin Kaduk" <ka...@mit.edu>
> > 发送时间: 2016-05-06 23:17:46 (星期五)
> > 收件人: zhaoxy...@ustc.edu.cn
> > 抄送:
> > 主题: Re: RE: [OpenAFS] ad+openafs
> >
> > You
tional pam_krb5afs.so
~
> -原始邮件-
> 发件人: "Benjamin Kaduk" <ka...@mit.edu>
> 发送时间: 2016-05-06 23:17:46 (星期五)
> 收件人: zhaoxy...@ustc.edu.cn
> 抄送:
> 主题: Re: RE: [OpenAFS] ad+openafs
>
> You should keep the list cc'd for this thread; there are many other
To: Benjamin Kaduk <ka...@mit.edu>
Cc: openafs-info@openafs.org; Brandon Allbery <ballb...@sinenomine.net>
Subject: Re: Re: Re: RE: [OpenAFS] ad+openafs
hi,
sorry,i need to add something .
i have three servers.
ad +kerberos win2008
nis server openafs server linux redhat 6.
On 5/4/2016 1:44 AM, Benjamin Kaduk wrote:
> 1.6.14 doesn't need to have single-DES enabled; we shouldn't be
> recommending it. The rxkad.keytab method should work fine with AES keys.
>
> -Ben
+1
To be clear, the entire reason that the KDF extension to the rxkad
security class was implemented
1.6.14 doesn't need to have single-DES enabled; we shouldn't be
recommending it. The rxkad.keytab method should work fine with AES keys.
-Ben
On Tue, 3 May 2016, Brandon Allbery wrote:
> -1765328370 is KRB5KDC_ERR_ETYPE_NOSUPP. This often means that DES is
> disabled somewhere. Note that the
Am 03.05.2016 um 10:39 schrieb zhaoxy...@ustc.edu.cn:
> 2 install ad on windows 2008 r2
If you don't already have AD and or Windows, yet, you can also use
Linux/Samba.
Bye...
Dirk
--
Dirk Heinrichs
GPG Public Key CB614542 | Jabber: dirk.heinri...@altum.de
Tox:
-1765328370 is KRB5KDC_ERR_ETYPE_NOSUPP. This often means that DES is disabled
somewhere. Note that the client library *also* needs DES enabled; you might
need to add to the [libdefaults] section of /etc/krb5.conf on the RH system,
allow_weak_crypto = true
From: