problem with pam_krb5 4.2-1
Russ Allbery
rra at stanford.edu
Fri May 14 12:31:52 EDT 2010
Rohit Kumar Mehta <rohitm at engr.uconn.edu> writes:
> Thanks for your help Russ. My keys are indeed only plain DES keys, but
> I also have allow_weak_crypto set to true. (We're using Kerberized NFS
> in Linux which I think at this point requires weak crypto)
Is allow_weak_crypto also set on the KDCs involved?
> So I guess I will have to generate new keytabs and recreate the trust,
> and that problem should go away?
You should not need to do any of that if allow_weak_crypto is set.
--
Russ Allbery (rra at stanford.edu) <http://www.eyrie.org/~eagle/>
More information about the Kerberos
mailing list