Updating encryption types
Phil Dibowitz
phil at usc.edu
Wed Jul 6 18:40:41 EDT 2005
On Tue, Jul 05, 2005 at 01:48:54PM -0700, Phil Dibowitz wrote:
> from kadmin, great (though is that "no salt" supposed to be there?)!
>
> However, klist -e shows:
>
> [phil at frantic unstale]$ klist -e
> Ticket cache: FILE:/tmp/krb5cc_36070
> Default principal: phil at ISD.USC.EDU
>
> Valid starting Expires Service principal
> 07/05/05 13:36:31 07/05/05 23:36:31 krbtgt/ISD.USC.EDU at ISD.USC.EDU
> Etype (skey, tkt): DES cbc mode with CRC-32, DES cbc mode with CRC-32
> [phil at frantic unstale]$
>
> and the logs show:
>
> Jul 05 13:36:31 frantic.usc.edu krb5kdc[26284](info): AS_REQ (3 etypes {23 16
> 1}) 128.125.10.120: ISSUE: authtime 1120595791, etypes {rep=23 tkt=1 ses=1},
> phil at ISD.USC.EDU for krbtgt/ISD.USC.EDU at ISD.USC.EDU
>
> Neither the session key, nor my principal key seem to have been using the new
> encryption... it's not clear to me why...
Anyone?
--
Phil Dibowitz
Systems Architect and Administrator
Enterprise Infrastructure / ISD / USC
UCC 180 - 213-821-5427
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://mailman.mit.edu/pipermail/kerberos/attachments/20050706/e14bc1fb/attachment.bin
More information about the Kerberos
mailing list