We have requirements to only allow AES encryption. I'm trying to understand
what is the default and where everything comes in to play, the user tickets
are AES when obtained using kinit, but the system keytab shows des3 and arcfour
in addition to AES.
So my questions are
What is enabled/supported by default?
How can des3 and arcfour encryption types be disabled for Kerberos? ? I've
seen references to krbDefaultEncSaltTypes but cannot seem to find that in the
Are there any implications to doing this?
Running RHEL 6.6 clients against 7.1 servers supporting local and trusted AD
*** This communication may contain privileged and/or confidential information.
It is intended solely for the use of the addressee. If you are not the intended
recipient, you are strictly prohibited from disclosing, copying, distributing
or using any of this information. If you received this communication in error,
please contact the sender immediately and destroy the material in its entirety,
whether electronic or hard copy. ***
Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project