[OpenAFS] DES session key after removal of KeyFile
Staffan Hämälä
sh@ltu.se
Wed, 12 Feb 2014 14:20:52 +0100
For some reason, we're still getting a DES session key after removing
the KeyFile on all OpenAFS-servers, and touching CellServDB, according
to these instructions:
https://www.openafs.org/pages/security/install-rxkad-k5-1.6.txt
Old clients still work even though there is no DES in rxkad.keytab.
klist -v shows:
...
Server: krbtgt/LTU.SE@LTU.SE
...
Ticket etype: arcfour-hmac-md5, kvno 1
Session key: aes256-cts-hmac-sha1-96
Server: afs/ltu.se@LTU.SE
...
Ticket etype: aes256-cts-hmac-sha1-96, kvno 3
Session key: des-cbc-crc
What can be the cause of this?
/Staffan
IT-Service
LTU