BAD_ENCRYPTION_TYPE problem
Greg Hudson
ghudson at MIT.EDU
Fri Jan 18 15:21:39 EST 2013
On 01/17/2013 05:36 PM, Abhilash S wrote:
> We have some issues with "des-cbc-md5" encryption in key tab auth.
> When we try to use key tab, KDC throwing error as BAD_ENCRYPTION_TYPE .
> we have "*allow_weak_crypto = true" *in the krb config file which is
> mentioned below
> I have renamed realm name with "EX.COM" in config
> kdc version : 1.10.3
What client implementation and version?
Due to a very old interoperability issue, our KDC mostly refuses to
issue des-cbc-md5 session keys (I say "mostly" because you can override
this with the session_enctypes string attribute in 1.11).
More information about the krbdev
mailing list