https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=268186
--- Comment #54 from Cy Schubert <[email protected]> --- (In reply to amendlik from comment #53) My hypothesis is confirmed. My kdc's keys are encrypted using an older algorithm. I had exported the kdc and imported it using new keys to update it ~ 15 years ago. It works with Heimdal 1.5. Your keys in your KDC are encrypted using an algorithm not supported by Heimdal. The fix is to replace Heimdal in base with a newer Heimdal -- which I am working on but a recent git bug is preventing further progress due to recurring merge conflicts. (We git subtree merge and git rebase reassigns files in src/crypto/heimdal into src/. This affects all vendor/* code at time of import.) The other alternative is to install ports/security/openssh-portable built against ports/security/krb5. Your two options are to: 1. Wait for Heimdal 7.8.0 to be imported into FreeBSD, sometime this summer or autumn. 2. Install openssh-portable with MIT krb5. This must be done using the port because the binary package is built using the base system heimdal. -- You are receiving this mail because: You are the assignee for the bug.
