On 17/02/15 17:36, Benjamin Kaduk wrote:
> On Tue, 17 Feb 2015, Giuseppe Mazza wrote:
>
>> However on the client I have got:
>> client% head -5 /etc/krb5.conf
>> [appdefaults]
>> # [dwm] necessary for DOC.IC.AC.UK
>> allow_weak_crypto=true
>
> allow_weak_crypto is applicable in the [libdefaults] section, not
> [appdefaults]. Was your text quoted above a typo, or does it reflect your
> actual krb5.conf?
>
> -Ben Kaduk
>
Sorry...
Please, find a better view of a my client configuration below:
client% head -20 /etc/krb5.conf
[appdefaults]
# [dwm] necessary for DOC.IC.AC.UK
allow_weak_crypto=true
[libdefaults]
default_realm = DOC.IC.AC.UK
# The following krb5.conf variables are only for MIT Kerberos.
krb4_config = /etc/krb.conf
krb4_realms = /etc/krb.realms
kdc_timesync = 1
ccache_type = 4
forwardable = true
proxiable = true
# [dwm] necessary for DOC.IC.AC.UK
allow_weak_crypto=true
# The following encryption type specification will be used by MIT Kerberos
# if uncommented. In general, the defaults in the MIT Kerberos code are
All the best,
Giuseppe
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
