Kerberos 1.4 w/o des

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

Kerberos 1.4 w/o des

Trev Peterson
Hello,

I am trying to configure kerberos to use 3des and aes but not single
des.  However, when I create a new principal I see the following in the
output of getprinc:

Number of keys: 2
Key: vno 1, Triple DES cbc mode with HMAC/sha1, no salt
Key: vno 1, DES cbc mode with CRC-32, no salt
Attributes:

The relevant portion of kdc.conf is:

        master_key_type = des3-hmac-sha1
        supported_enctypes = aes256-cts-hmac-sha1-96:normal
des3-hmac-sha1:normal

The kdc.conf is being used as it has the correct realm and all.  The man
page on krb5kdc doesn't indicate any way to make the output more verbose
or include any debug info.  Any suggestions on how to track this down
are appreciated.

--
Trev Peterson <[hidden email]>
Advanced Reality

________________________________________________
Kerberos mailing list           [hidden email]
https://mailman.mit.edu/mailman/listinfo/kerberos