[3651] in Kerberos-V5-bugs
[krbdev.mit.edu #1259]Re: Bug#169014: krb5-kdc no longer interops with Solaris SEAM
daemon@ATHENA.MIT.EDU (Sam Hartman via RT)
Thu Nov 14 21:29:13 2002
Message-Id: <rt-1259-3702.8.20231052096418@krbdev.mit.edu>
In-Reply-To: <rt-1259@krbdev.mit.edu>
From: "Sam Hartman via RT" <rt-comment@krbdev.mit.edu>
Reply-To: rt-comment@krbdev.mit.edu
To: krb5-prs@mit.edu
Errors-To: krb5-bugs-admin@mit.edu
Date: Thu, 14 Nov 2002 21:28:08 -0500 (EST)
I b.believe you can work around this either by disabling
preauth_required on principals that need to log in from Solaris or
dropping des3-hmac-sha1 from supported_enctypes in your kdc.conf and
changing passwords.
Both of these work arounds have security implications unfortunately,
although not using des3 probably isn't that serious if you have a lot
of Solaris clients already.
_______________________________________________
krb5-bugs mailing list
krb5-bugs@mit.edu
http://mailman.mit.edu/mailman/listinfo/krb5-bugs
