Tags Tags

Bug#581815: kinit: KDC has no support for encryption type while getting initial credentials

May 16th, 2010 - 04:50 am ET by Gleb Natapov | Report spam
Help Create a new topic
Package: krb5-user
Version: 1.8.1+dfsg-2

When I run
$ kinit users@domain

I get:
kinit: KDC has no support for encryption type while getting initial credentials

Downgrading to:
krb5-user_1.7+dfsg-3_amd64.deb
libgssapi-krb5-2_1.7+dfsg-3_amd64.deb
libk5crypto3_1.7+dfsg-3_amd64.deb
libkadm5clnt6_1.7+dfsg-3_amd64.deb
libkrb5-3_1.7+dfsg-3_amd64.deb
libkrb5support0_1.7+dfsg-3_amd64.deb

make is working again.

I am running GNU/Linux squeeze/sid kernel 2.6.32-3-amd64 glibc 2.10.2-6

Gleb.



To UNSUBSCRIBE, email to debian-bugs-dist-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
email Follow the discussionReplies 1 replyReplies Make a reply

Similar topics

Display all similar topics

Replies

#1 Sam Hartman
May 16th, 2010 - 10:10 am ET | Report spam
source: krb5
source-version: 1.8.1+dfsg-2

Quoting /usr/share/doc/libkrb5-3/NEWS.debian.gz:

krb5 (1.8+dfsg~alpha1-1) unstable; urgency=low

This version of MIT Kerberos disables DES and 56-bit RC4 by default.
These encryption types are generally regarded as weak; defeating them
is well within the expected resources of some attackers. However,
some applications, such as OpenAFS or Kerberized NFS, still rely on
DES. To re-enable DES support add allow_weak_crypto=true to the
libdefaults section of /etc/krb5.conf



To UNSUBSCRIBE, email to
with a subject of "unsubscribe". Trouble? Contact
email Follow the discussion Replies Reply to this message
Help Create a new topicReplies Make a reply
Search Make your own search