On Sep 22, 2011, at 8:04 AM, Ivan Glushkov wrote: >> >> Been getting it every since updating to Lion, but never got around to >> looking into it ? >> > > I added > > allow_weak_crypto = true > > in the [libdefaults] part of /etc/krb5.conf and it works for me. I have no > idea what exactly this means - is my encryption somehow weaker?!
Yes, tho I no longer recall the fine details. If memory serves, there are some older encryption types in kerberos which are no longer recommended (des3? des?). The code to handle them is still there, but the default is not to use or permit them to be used unless allow_weak_crypto = true. I've bcc'd this note to someone who can give a better answer._______________________________________________ OpenAFS-info mailing list [email protected] https://lists.openafs.org/mailman/listinfo/openafs-info
