IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2024-12-30 10:47:08 -06:00
Code Issues Packages Projects Releases Wiki Activity
9d8ddb5d46
freeipa/install/share/default-keytypes.ldif
Simo Sorce 4f8e4482b3 pwd-plugin: Always use a special salt by default. 
This should make renamed users able to keep using old credentials as the salt
is not derived from the principal name but is always a random quantity.

https://fedorahosted.org/freeipa/ticket/412
2010-10-28 17:18:03 -04:00

34 lines
1.0 KiB
Plaintext
Raw Blame History

#kerberos keytypes
dn: cn=$REALM,cn=kerberos,$SUFFIX
changetype: modify
add: krbSupportedEncSaltTypes
krbSupportedEncSaltTypes: aes256-cts:normal
krbSupportedEncSaltTypes: aes256-cts:special
krbSupportedEncSaltTypes: aes128-cts:normal
krbSupportedEncSaltTypes: aes128-cts:special
krbSupportedEncSaltTypes: des3-hmac-sha1:normal
krbSupportedEncSaltTypes: des3-hmac-sha1:special
krbSupportedEncSaltTypes: arcfour-hmac:normal
krbSupportedEncSaltTypes: arcfour-hmac:special
krbSupportedEncSaltTypes: des-hmac-sha1:normal
krbSupportedEncSaltTypes: des-cbc-md5:normal
krbSupportedEncSaltTypes: des-cbc-crc:normal
krbSupportedEncSaltTypes: des-cbc-crc:v4
krbSupportedEncSaltTypes: des-cbc-crc:afs3
-
add: krbMaxTicketLife
krbMaxTicketLife: 86400
-
add: krbMaxRenewableAge
krbMaxRenewableAge: 604800
#kerberos keytypes
dn: cn=$REALM,cn=kerberos,$SUFFIX
changetype: modify
add: krbDefaultEncSaltTypes
krbDefaultEncSaltTypes: aes256-cts:special
krbDefaultEncSaltTypes: aes128-cts:special
krbDefaultEncSaltTypes: des3-hmac-sha1:special
krbDefaultEncSaltTypes: arcfour-hmac:special
Reference in New Issue View Git Blame Copy Permalink