https://bugzilla.novell.com/show_bug.cgi?id=681201 https://bugzilla.novell.com/show_bug.cgi?id=681201#c6 --- Comment #6 from Jiří Suchomel <jsuchome@novell.com> 2011-03-25 09:39:18 UTC --- (In reply to comment #4)
weak_crypto option is only available in newer versions of krb5. They have disabled single DES and you can enable it again with this option.
But some services only support single DES, e.g. nfsv4 using GSSAPI. As I understand this, nfsv4 using crypto routines from the kernel. And the kernel support only single DES. This may have changed in newer kernel versions which might also support 3DES.
I think a checkbox for allow_weak_crypto might be good, but configure a list of crypto things might be overkill.
So, is there a chance update for SLES will be released soon, se we actually do not need such option? See comment 3. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.