[OpenAFS] Setup OpenAFS, Heimdahl ans Keyfiles
Derek Atkins
warlord@MIT.EDU
19 Sep 2002 09:34:24 -0400
Holger Br=FCckner <lists@net-labs.de> writes:
> i created an afs entry with ktadmin and exported it to a keytab file:
>=20
> kdc:~ # ktutil -k /etc/afskeytab.krb5 list
> /etc/afskeytab.krb5:
>=20
> Vno Type Principal
> 1 des-cbc-crc afs@NETLABS.DEV
> 1 des-cbc-md4 afs@NETLABS.DEV
> 1 des-cbc-md5 afs@NETLABS.DEV
> 1 des3-cbc-sha1 afs@NETLABS.DEV
>=20
> looking through the mailinglist archives i read that the des3-cbc-sha1
> key might cause problems with aklog so i removed this one:
>=20
> kdc:~ # ktutil -k /etc/afskeytab.krb5 remove -p afs@NETLABS.DEV -e
> des3-cbc-sha1
> kdc:~ # ktutil -k /etc/afskeytab.krb5 list
> /etc/afskeytab.krb5:
>=20
> Vno Type Principal
> 1 des-cbc-crc afs@NETLABS.DEV
> 1 des-cbc-md4 afs@NETLABS.DEV
> 1 des-cbc-md5 afs@NETLABS.DEV
Did you remove the 3des key from the KDC database?
-derek
--=20
Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
Member, MIT Student Information Processing Board (SIPB)
URL: http://web.mit.edu/warlord/ PP-ASEL-IA N1NWH
warlord@MIT.EDU PGP key available