Need info on Kerberos configuration with AES & SHA2
PMarampally at agiliance.com
Sat Jan 3 09:40:17 EST 2015
Thank you so much Ben. I really appreciate your help.
From: Benjamin Kaduk [mailto:kaduk at MIT.EDU]
Sent: Saturday, January 03, 2015 2:15 AM
To: Prashanth Marampally
Cc: kerberos at mit.edu
Subject: Re: Need info on Kerberos configuration with AES & SHA2
On Fri, 2 Jan 2015, Prashanth Marampally wrote:
> I am naive to kerberos.
> Would like to know whether or not can we configure kerberos 5 with AES
> & SHA2. If yes, please guide me with some articles, documentations etc.
Currently, you cannot.
There is a draft proposal for how such a combination could be done (https://tools.ietf.org/html/draft-ietf-kitten-aes-cts-hmac-sha2-05), but it is just a draft and has not yet been finalized as an IETF RFC. After that happens, someone would have to actually implement the proposal in a kerberos library.
More information about the Kerberos