On Thu, 2014-03-20 at 00:52 +0100, Wendy Lin wrote:
On 20 March 2014 00:04, Wendy Lin wendlin1...@gmail.com wrote:
On 19 March 2014 23:36, steve st...@steve-ss.com wrote:
On Wed, 2014-03-19 at 23:16 +0100, Wendy Lin wrote:
On 19 March 2014 14:11, steve st...@steve-ss.com wrote:
On Wed,
On Thu, 2014-03-20 at 00:52 +0100, Wendy Lin wrote:
I tried permitted_enctypes = des-cbc-crc des3-cbc-sha1 but this only
gives me a new kind of (its mocking me?!) error message in
/var/log/messages on the server:
rpc.svcgssd[6967]: qword_eol: fflush failed: errno 38 (Function not
On 20 March 2014 11:03, steve st...@steve-ss.com wrote:
On Thu, 2014-03-20 at 00:52 +0100, Wendy Lin wrote:
I tried permitted_enctypes = des-cbc-crc des3-cbc-sha1 but this only
gives me a new kind of (its mocking me?!) error message in
/var/log/messages on the server:
rpc.svcgssd[6967]:
On Thu, 2014-03-20 at 13:05 +0100, Wendy Lin wrote:
On 20 March 2014 11:03, steve st...@steve-ss.com wrote:
On Thu, 2014-03-20 at 00:52 +0100, Wendy Lin wrote:
I tried permitted_enctypes = des-cbc-crc des3-cbc-sha1 but this only
gives me a new kind of (its mocking me?!) error message in
On Thu, 2014-03-20 at 13:05 +0100, Wendy Lin wrote:
Doable, but it will take months to migrate. What do not understand is
that no one, say Linus or friends, *test* their stuff it it is really
interoperable with the rest of the world. It hurts, badly.
I am sure if you buy a service contract
Simo, please be careful with advertising. Fedora has the same problem.
Olga
On Thu, Mar 20, 2014 at 2:16 PM, Simo Sorce s...@redhat.com wrote:
On Thu, 2014-03-20 at 13:05 +0100, Wendy Lin wrote:
Doable, but it will take months to migrate. What do not understand is
that no one, say Linus or
Can any one confirm, or deny, that using only
permitted_enctypes = des-cbc-crc
will work around the problem? How can I create such a des-cbc-crc
key, if I do not have them yet?
Olga
On Thu, Mar 20, 2014 at 1:44 PM, steve st...@steve-ss.com wrote:
On Thu, 2014-03-20 at 13:05 +0100, Wendy Lin
On Thu, 2014-03-20 at 14:24 +0100, ольга крыжановская wrote:
Simo, please be careful with advertising. Fedora has the same problem.
Olga
On Thu, Mar 20, 2014 at 2:16 PM, Simo Sorce s...@redhat.com wrote:
On Thu, 2014-03-20 at 13:05 +0100, Wendy Lin wrote:
Doable, but it will take months
On Thu, 2014-03-20 at 09:16 -0400, Simo Sorce wrote:
On Thu, 2014-03-20 at 13:05 +0100, Wendy Lin wrote:
Doable, but it will take months to migrate. What do not understand is
that no one, say Linus or friends, *test* their stuff it it is really
interoperable with the rest of the world. It
On Thu, 2014-03-20 at 14:48 +0100, ольга крыжановская wrote:
Can any one confirm, or deny, that using only
permitted_enctypes = des-cbc-crc
will work around the problem?
In older kernels the only encryption algorithm supported for NFS is DES,
this is a well known limitation.
How can I
On 20 March 2014 15:23, Simo Sorce s...@redhat.com wrote:
On Thu, 2014-03-20 at 14:48 +0100, ольга крыжановская wrote:
Can any one confirm, or deny, that using only
permitted_enctypes = des-cbc-crc
will work around the problem?
In older kernels the only encryption algorithm supported for
I have this in my Suse 11.3 /etc/krb.conf for libdefaults:
allow_weak_crypto = true
# permitted_enctypes = des-cbc-crc arcfour-hmac des3-cbc-sha1
aes128-cts-hmac-sha1-96 aes256-cts-hmac-sha1-96
permitted_enctypes = des-cbc-crc
Now if I try to kinit I get this error:
kinit
On Thu, 2014-03-20 at 23:01 +0100, Wendy Lin wrote:
I have this in my Suse 11.3 /etc/krb.conf for libdefaults:
allow_weak_crypto = true
# permitted_enctypes = des-cbc-crc arcfour-hmac des3-cbc-sha1
aes128-cts-hmac-sha1-96 aes256-cts-hmac-sha1-96
permitted_enctypes =
On Thu, 20 Mar 2014, Wendy Lin wrote:
I have this in my Suse 11.3 /etc/krb.conf for libdefaults:
allow_weak_crypto = true
# permitted_enctypes = des-cbc-crc arcfour-hmac des3-cbc-sha1
aes128-cts-hmac-sha1-96 aes256-cts-hmac-sha1-96
permitted_enctypes = des-cbc-crc
Now
On Thu, 20 Mar 2014, Wendy Lin wrote:
On 20 March 2014 15:23, Simo Sorce s...@redhat.com wrote:
On Thu, 2014-03-20 at 14:48 +0100, ольга крыжановская wrote:
Can any one confirm, or deny, that using only
permitted_enctypes = des-cbc-crc
will work around the problem?
In older kernels the
Benjamin Kaduk ka...@mit.edu writes:
As documented at
http://web.mit.edu/kerberos/krb5-latest/doc/admin/admin_commands/kadmin_local.html#ktadd
, the argument to the -e flag is an enctype:salt pair, e.g.,
des-cbc-crc:normal.
The ability to omit the salttype suffix (:normal) for
16 matches
Mail list logo