Changing encryption values on IBM i PASE Kerberos server
If necessary, change the default encryption settings on the Kerberos server so that clients can be authenticated to the IBM® i PASE Kerberos server.
To change the default encryption settings, you need to edit the kdc.conf file located in the /etc/krb5 directory by following these steps:
- In a character-based interface, enter edtf '/var/krb5/krb5kdc/kdc.conf' to access the kdc.conf file.
- The list below contains the supported encryption types.
Add or remove values so that the list contains the encryption types
you want to support.
supported_enctypes = des3-cbc-sha1:normal arcfour-hmac:normal aes256-cts:normal des-cbc-md5:normal des-cbc-crc:normal