<P>Hi all,</P>
<P>I have a KDC client (luke) that is trying to authenticate with the KDC server. The client is expecting a DES session key encryption type. However, the server is issuing a DES3 session key. So, the client doesn't like the key and constantly ask the KDC server for a new key. (This problem occurs on both the KDCs that have been ported to Linux and the Lynx OS.) I have these lines in the krb.conf and kdc.conf files:</P>
<P>krb.conf:</P>
<P>default_tgs_enctypes = des-cbc-crc <BR>default_tkt_enctypes = des-cbc-crc </P>
<P>kdc.conf:</P>
<P>supported_enctypes = des-cbc-crc:normal <BR>kdc_supported_enctypes = des-cbc-crc:normal </P>
<P>Does anyone know why the KDC would constantly send DES3 session key when we specified that we want DES? Here's the log message from the krb5kdc.log file:</P>
<P>Jul 19 12:09:49 mlau krb5kdc[65](info): AS_REQ (1 etypes {1}) Client's_IP(39<BR>848): ISSUE: authtime 1027105789, etypes {rep=1 tkt=1 ses=1}, <A href="http://us.f202.mail.yahoo.com/ym/Compose?To=luke@SJ.SYMBOL.COM" target=_blank>luke@REALMNAME</A><BR> for <A href="http://us.f202.mail.yahoo.com/ym/Compose?To=krbtgt@SJ.SYMBOL.COM" target=_blank>krbtgt@REALMNAME</A><BR>Jul 19 12:09:49 mlau krb5kdc[65](info): DISPATCH: repeated (retransmitted?) re<BR>quest from 0.0.0.0 port 39848, resending previous response<BR>Jul 19 12:09:49 mlau krb5kdc[65](info): DISPATCH: repeated (retransmitted?) re<BR>quest from 0.0.0.0 port 39848, resending previous response<BR>Jul 19 12:09:49 mlau krb5kdc[65](info): DISPATCH: repeated (retransmitted?) re<BR>quest from 0.0.0.0 port 39848, resending previous response<BR>Jul 19 12:09:49 mlau krb5kdc[65](info): DISPATCH: repeated (retransmitted?) re<BR>quest from 0.0.0.0 port 39848, resending previous response<BR>Jul 19 12:09:49 mlau krb5kdc[65](info)!
: DISPATCH: repeated (retransmitted?) re<BR>quest from 0.0.0.0 port 39848, resending previous response<BR>Jul 19 12:09:49 mlau krb5kdc[65](info): DISPATCH: repeated (retransmitted?) re<BR>quest from 0.0.0.0 port 39848, resending previous response </P>
<P>Any pointers or suggestions would really be a great help and very much appreciated! Thanks for your time and help.</P>
<P>Sincerely,</P>
<P>Monica</P><p><br><hr size=1><b>Do You Yahoo!?</b><br>
<a href="http://autos.yahoo.com/">Yahoo! Autos</a> - Get free new car price quotes