Secure NFS under Red Hat Enterprise Linux 4

Roberto C. Sánchez roberto at connexer.com
Sat Mar 22 08:49:52 EDT 2008


On Fri, Mar 21, 2008 at 06:45:01PM -0800, Paul B. Henson wrote:
> 
> Is there any way to get rpc.gssd to request DES session keys without
> crippling the entire system's encryption level?
> 
I used this HOWTO:
http://www-theorie.physik.unizh.ch/~dpotter/howto/kerberos

The crux of it is something like this:

  [root at phoenix ~]# kadmin
  Authenticating as principal root/admin at PHYSIK.UNIZH.CH with password.
  Password for root/admin at PHYSIK.UNIZH.CH: 
  kadmin: ktadd host/phoenix.physik.unizh.ch
  kadmin: ktadd -e des-cbc-crc:normal nfs/phoenix.physik.unizh.ch

That worked well for me.  It lets me have DES only for NFS and 3DES for
everything else.

Regards,

-Roberto

-- 
Roberto C. Sánchez
http://people.connexer.com/~roberto
http://www.connexer.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://mailman.mit.edu/pipermail/kerberos/attachments/20080322/4cda073c/attachment.bin


More information about the Kerberos mailing list