rpms/krb5
7
0
Fork 0
Code Issues Pull Requests Releases Activity
b0d04d78e0
krb5/kdc.conf
Julien Rische 12d175e299 Add AES SHA-2 HMAC family as default KDC etypes 
Resolves: rhbz#2068535
Signed-off-by: Julien Rische <jrische@redhat.com>
2023-01-13 15:03:46 +01:00

17 lines
743 B
Plaintext
Raw Blame History

[kdcdefaults]
kdc_ports = 88
kdc_tcp_ports = 88
spake_preauth_kdc_challenge = edwards25519
[realms]
EXAMPLE.COM = {
master_key_type = aes256-cts-hmac-sha384-192
acl_file = /var/kerberos/krb5kdc/kadm5.acl
dict_file = /usr/share/dict/words
default_principal_flags = +preauth
admin_keytab = /var/kerberos/krb5kdc/kadm5.keytab
supported_enctypes = aes256-cts-hmac-sha384-192:normal aes128-cts-hmac-sha256-128:normal aes256-cts-hmac-sha1-96:normal aes128-cts-hmac-sha1-96:normal camellia256-cts-cmac:normal camellia128-cts-cmac:normal arcfour-hmac-md5:normal
# Supported encryption types for FIPS mode:
#supported_enctypes = aes256-cts-hmac-sha384-192:normal aes128-cts-hmac-sha256-128:normal
}
Reference in New Issue View Git Blame Copy Permalink