[krbdev.mit.edu #1190] Sane defaults for configuration files
Ken Raeburn via RT
rt-comment at krbdev.mit.edu
Thu May 29 19:46:11 EDT 2003
notes from meeting:
Defaults Discussion:
- This is the sample configuration file that is in the distribution
- It is used by the test system so we need a configuration file that works
- Another goal of the sample file is so folks can quickly edit it and
get an environment up and going.
- Remove all enctype related items
- add examples for the kdc logging
- Remove explicit configs for all but one realm. Thus move to DNS (for
example realm that supports it) and leave one example that explicitly
sets them
- Drop Cygnus.com
Changes to in code defaults:
- kdctimesyncflag to 1 on all platforms
- default ccache type to 4
- kdc default master key type will be 3DES
- Remove AES 256
- Max life change to 24 hours (one day)
- Max renewable change to one week.
- file a bug to Remove kdc_supported_enctypes (this may involve code
so need to investigate)
More information about the krb5-bugs
mailing list