problem with master_key_type = des3-cbc-sha1?

Will Fiveash william.fiveash at
Fri May 17 18:31:00 EDT 2002

On Thu, May 16, 2002 at 04:14:44PM -0500, Will Fiveash wrote:
> I think I understand part of the problem with the default value for
> supported_enctypes.  The default above is set in
> kadm5_get_config_params() but that isn't called by krb5kdc.
> krb5_read_realm_params() is called by krb5kdc but that doesn't set a
> default value for supported_enctypes.

One last thing about this.  I recompiled and installed MIT 1.2.5 on a
different system and I'm not having a problem using kadmin.local or
krb5kdc with the master_key_type = des3-cbc-sha1.  Sorry for the false
alarm about that.

The only nit I have is the one I mentioned above about having to
specify supported_enctypes in the kdc.conf in order for the krb5kdc to
initialize properly when the master_key_type = des3-cbc-sha1.

Will Fiveash
Sun Microsystems Inc.
Austin, TX, USA (TZ=CST6CDT)

More information about the krbdev mailing list