Changing encryption values on IBM i PASE Kerberos server

Edit online

If necessary, change the default encryption settings on the Kerberos server so that clients can be authenticated to the IBM® i PASE Kerberos server.

To change the default encryption settings, you need to edit the kdc.conf file located in the /etc/krb5 directory by following these steps:
  1. In a character-based interface, enter edtf '/var/krb5/krb5kdc/kdc.conf' to access the kdc.conf file.
  2. The list below contains the supported encryption types. Add or remove values so that the list contains the encryption types you want to support. 
    supported_enctypes = des3-cbc-sha1:normal 
arcfour-hmac:normal aes256-cts:normal
des-cbc-md5:normal des-cbc-crc:normal