[Joakim Fallsjo] Re: [OpenAFS] Re: SuSe 9.0 &Heimdal.6
ted creedon
tcreedon@easystreet.com
Tue, 30 Dec 2003 09:03:00 -0800
Is there a way to verify that the checksums are the same in both =
keyfiles?
The presence of the des3-cbc-sha1 key in the keytab is specifically
mentioned to be deleted with=20
Kadmin> del_enctype sanchin.se@SANCHIN.SE des3-cbc-sha1
In the SuSE documentation.
Apparently it doesn't matter.
-----Original Message-----
From: Joakim Fallsjo [mailto:fallsjo@sanchin.se]=20
Sent: Tuesday, December 30, 2003 3:28 AM
To: ted creedon
Subject: Re: [Joakim Fallsjo] Re: [OpenAFS] Re: SuSe 9.0 &Heimdal.6
Hello and sorry for the delay.
"ted creedon" <tcreedon@easystreet.com> writes:
> Joakim,
>
> Do you have a krb5.conf I could look at and possibly a pam.d/login?
>
Well I have a krb5.conf that I could send you but it would probably not =
do
you any good du to the fact that I have a plain mapping between DNS-, =
realm-
and cellname (sanchin.se, SANCHIN.SE and sanchin.se).
My KeyFile only contains:
# ktutil -k AFSKEYFILE:KeyFile list
AFSKEYFILE:KeyFile:
Vno Type Principal =20
1 des-cbc-md5 afs/sanchin.se@SANCHIN.SE
and my kdc contains:
# kadmin -l get afs/sanchin.se
Principal: afs/sanchin.se@SANCHIN.SE
[...]
Keytypes(salttype[(salt-value)]): des-cbc-crc(pw-salt),
des-cbc-md4(pw-salt), des-cbc-md5(pw-salt), des3-cbc-sha1(pw-salt)
/JockeF
--=20
"We are a major superpower with a third-world electrical grid"
Gov. Bill Richardson of New Mexico