"only the encryption type of des-cbc-crc is functional so far in the kernel"?
Kevin Coffman
kwc at umich.edu
Thu Jun 19 16:47:08 EDT 2008
This is still true in the latest released kernel. There are patches
in the pipeline to add support for the remaining common enctypes (RC4,
3DES, AES). They are currently gated by the patches for the new
upcall.
On Thu, Jun 19, 2008 at 2:44 PM, Anders Andersson <pipatron at gmail.com> wrote:
> Hi! I'm trying to learn how to set up nfsv4 with kerberos, and I found
> this howto: http://wiki.linux-nfs.org/wiki/index.php/Enduser_doc_kerberos
>
> Regarding this item:
> ---
> Create machine credentials for the client. This means creating a
> Kerberos V5 principal/instance name of the form
> nfs/dns.name.of.client at REALM, and either adding a key for this
> principal to an existing /etc/krb5.keytab or creating an
> /etc/krb5.keytab. Note: only the encryption type of des-cbc-crc is
> functional so far in the kernel, so add ONLY this type of key.
> ---
>
> I wonder if this part is still true: "only the encryption type of
> des-cbc-crc is functional so far in the kernel"?
>
> It's difficult to say unless the kernel version is specified, or
> something like "as of 200x-xx-xx, foo is bar".
>
> Kind regards,
> Anders
> _______________________________________________
> NFSv4 mailing list
> NFSv4 at linux-nfs.org
> http://linux-nfs.org/cgi-bin/mailman/listinfo/nfsv4
>
>
More information about the NFSv4
mailing list