ksu problem with "Version: 1.12+dfsg-2ubuntu5.1"

Giuseppe Mazza g.mazza at imperial.ac.uk
Tue Feb 17 14:40:08 EST 2015


On 17/02/15 17:36, Benjamin Kaduk wrote:
> On Tue, 17 Feb 2015, Giuseppe Mazza wrote:
>
>> However on the client I have got:
>> client% head -5 /etc/krb5.conf
>> [appdefaults]
>> # [dwm] necessary for DOC.IC.AC.UK
>> 	allow_weak_crypto=true
>
> allow_weak_crypto is applicable in the [libdefaults] section, not
> [appdefaults].  Was your text quoted above a typo, or does it reflect your
> actual krb5.conf?
>
> -Ben Kaduk
>


Sorry...
Please, find a better view of a my client configuration below:


client% head -20 /etc/krb5.conf
[appdefaults]
# [dwm] necessary for DOC.IC.AC.UK
	allow_weak_crypto=true

[libdefaults]
	default_realm = DOC.IC.AC.UK

# The following krb5.conf variables are only for MIT Kerberos.
	krb4_config = /etc/krb.conf
	krb4_realms = /etc/krb.realms
	kdc_timesync = 1
	ccache_type = 4
	forwardable = true
	proxiable = true

# [dwm] necessary for DOC.IC.AC.UK
	allow_weak_crypto=true

# The following encryption type specification will be used by MIT Kerberos
# if uncommented.  In general, the defaults in the MIT Kerberos code are



All the best,
Giuseppe



More information about the Kerberos mailing list