Re: [OpenAFS] MIT kerberos 1.8 is released and disabled single DES by default

Russ Allbery Tue, 02 Mar 2010 16:44:08 -0800

Jason Edgecombe <[email protected]> writes:

> Since MIT released their kerberos 1.8 software today and it disables
> single DES by default, what steps should we take to educate new users
> about this? Any suggested specfiic documentation changes?


UNIX users shouldn't have to care about this provided that they're running
any version after commits:

    f02ab3339d01bca414fe705f3a990a1db146f29b
    cb4b62a40352ccebae3a299f4327fa70fc7a0c5c

on master and:

    b0b85ad33b49f18ef18af40716bfc110f629068b
    d22e6c08bea7192603e94e751d6e38ae49d04951

on the 1.4 branch.  This will be in 1.4.12.  That fixes aklog and
klog.krb5 to enable DES explicitly if the Kerberos implementation disables
DES by default.

-- 
Russ Allbery ([email protected])             <http://www.eyrie.org/~eagle/>
_______________________________________________
OpenAFS-info mailing list
[email protected]
https://lists.openafs.org/mailman/listinfo/openafs-info

Re: [OpenAFS] MIT kerberos 1.8 is released and disabled single DES by default

Reply via email to