Hi, Looking dns.key he has more encryption options:
$ klist -ke dns.keytab Keytab name: WRFILE:dns.keytab KVNO Principal ---- -------------------------------------------------------------------------- 1 DNS/[email protected] (des-cbc-crc) 1 [email protected] (des-cbc-crc) 1 DNS/[email protected] (des-cbc-md5) 1 [email protected] (des-cbc-md5) 1 DNS/[email protected] (arcfour-hmac) 1 [email protected] (arcfour-hmac) 1 DNS/[email protected] (aes128-cts-hmac-sha1-96) 1 [email protected] (aes128-cts-hmac-sha1-96) 1 DNS/[email protected] (aes256-cts-hmac-sha1-96) 1 [email protected] (aes256-cts-hmac-sha1-96) $ klist -ke http.keytab Keytab name: WRFILE:http.keytab KVNO Principal ---- -------------------------------------------------------------------------- 1 HTTP/[email protected] (des-cbc-crc) 1 HTTP/[email protected] (des-cbc-md5) 1 HTTP/[email protected] (arcfour-hmac) How to enable these encryptions in my http.keytab? Clodonil 2013/1/24 Hleb Valoshka <[email protected]> > Please! Don't write into private mail. Thanks. > > > $ Samba-tool user create http-user --random-password > > $ Samba-tool spn add HTTP/www.nisled.org http-user > > Okay, you've got user http-user with principals [email protected] > and HTTP/[email protected]. > > > $ Samba-tool domain exportkeytab --principal=HTTP/www.nisled.org > > http.keytab > > Here you export _only_ HTTP/[email protected]. > > > $ kinit -k -t http.keytab http-user > > kinit: Key table entry not found while getting initial credentials > > Of cause, because you didn't export it. > > > Can anyone help me? > > Export [email protected] too. > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
