[32336] in Kerberos
Re: problem with pam_krb5 4.2-1
daemon@ATHENA.MIT.EDU (Russ Allbery)
Fri May 14 12:32:07 2010
From: Russ Allbery <rra@stanford.edu>
To: Rohit Kumar Mehta <rohitm@engr.uconn.edu>
In-Reply-To: <4BED54D9.6010400@engr.uconn.edu> (Rohit Kumar Mehta's message of
"Fri, 14 May 2010 09:49:13 -0400")
Date: Fri, 14 May 2010 09:31:52 -0700
Message-ID: <87pr0yh2br.fsf@windlord.stanford.edu>
MIME-Version: 1.0
Cc: kerberos@mit.edu
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
Rohit Kumar Mehta <rohitm@engr.uconn.edu> writes:
> Thanks for your help Russ. My keys are indeed only plain DES keys, but
> I also have allow_weak_crypto set to true. (We're using Kerberized NFS
> in Linux which I think at this point requires weak crypto)
Is allow_weak_crypto also set on the KDCs involved?
> So I guess I will have to generate new keytabs and recreate the trust,
> and that problem should go away?
You should not need to do any of that if allow_weak_crypto is set.
--
Russ Allbery (rra@stanford.edu) <http://www.eyrie.org/~eagle/>
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
