On Fri, Nov 7, 2008 at 2:40 PM, Russ Allbery <[EMAIL PROTECTED]> wrote: > "Derrick Brashear" <[EMAIL PROTECTED]> writes: >> On Fri, Nov 7, 2008 at 1:53 PM, Marcus Watts <[EMAIL PROTECTED]> wrote: > >>> The AFS3 string to key function uses the cell name as part of the >>> conversion logic. For klog (with kaserver) that's guaranteed to be the >>> case. > >> Nope. OpenAFS moved to des string to key by default a while ago. klog >> tries both, so it "just works". > > Only if you have keys in your KDC with v4 salt. If you're converting from > a kaserver, you don't, so far as I can tell. It works for newly changed > keys, of course.
Not necessarily. But if your site changes you'd (probably) know... nothing precludes a random password change client from having stored a des key, though. -- Derrick _______________________________________________ OpenAFS-info mailing list [email protected] https://lists.openafs.org/mailman/listinfo/openafs-info
