Garrison, Eric C wrote: > Default principal: [email protected] > > Valid starting Expires Service principal > 07/08/09 14:53:40 07/09/09 00:53:44 krbtgt/[email protected] > renew until 07/09/09 14:53:40, Etype (skey, tkt): AES-256 CTS > mode with 96-bit SHA-1 HMAC, AES-256 CTS mode with 96-bit SHA-1 HMAC > 07/08/09 14:53:56 07/09/09 00:53:44 afs/[email protected] > renew until 07/09/09 14:53:40, Etype (skey, tkt): AES-256 CTS > mode with 96-bit SHA-1 HMAC, AES-256 CTS mode with 96-bit SHA-1 HMAC > > So what else should I look for in the token being bad in another way?
The enctype must be DES-CBC-CRC for use with AFS. AES is not supported. Jeffrey Altman _______________________________________________ OpenAFS-info mailing list [email protected] https://lists.openafs.org/mailman/listinfo/openafs-info
