michael.bell at cms.hu-berlin.de
Wed Oct 22 05:18:31 EDT 2003
I have a problem with fakeka. I want to run it on a KDC which encrypts
it's master key with DES3-HMAC-SHA1. I checked the source code of fakeka
and see that it only supports DES-CBC-CRC. Does there be a special
reason to not add a switch -e which accepts the options des and des3?
It is really easy to change the source code and to add the option (only
another case statement and an additional variable) but I'm not sure
about the side effects. The function get_princ_key includes a comment
which explicitly enforces DES. Is there be a problem with DES3 and AFS
(or better clients which think they talk with kaserver)?
More information about the Kerberos