diff options
author | Simo Sorce <ssorce@redhat.com> | 2010-10-27 15:05:56 -0400 |
---|---|---|
committer | Simo Sorce <ssorce@redhat.com> | 2010-10-28 17:18:03 -0400 |
commit | 4f8e4482b316cc5996986bdfae12cc27be27df5e (patch) | |
tree | 672d8bb2672dd5e18586bad3b48fbe612388f0ec /install/share | |
parent | 79c39339dae3d95db977bea153938bb2d7e98052 (diff) | |
download | freeipa.git-4f8e4482b316cc5996986bdfae12cc27be27df5e.tar.gz freeipa.git-4f8e4482b316cc5996986bdfae12cc27be27df5e.tar.xz freeipa.git-4f8e4482b316cc5996986bdfae12cc27be27df5e.zip |
pwd-plugin: Always use a special salt by default.
This should make renamed users able to keep using old credentials as the salt
is not derived from the principal name but is always a random quantity.
https://fedorahosted.org/freeipa/ticket/412
Diffstat (limited to 'install/share')
-rw-r--r-- | install/share/default-keytypes.ldif | 14 |
1 files changed, 8 insertions, 6 deletions
diff --git a/install/share/default-keytypes.ldif b/install/share/default-keytypes.ldif index 8561b98d..8093b698 100644 --- a/install/share/default-keytypes.ldif +++ b/install/share/default-keytypes.ldif @@ -3,9 +3,13 @@ dn: cn=$REALM,cn=kerberos,$SUFFIX changetype: modify add: krbSupportedEncSaltTypes krbSupportedEncSaltTypes: aes256-cts:normal +krbSupportedEncSaltTypes: aes256-cts:special krbSupportedEncSaltTypes: aes128-cts:normal +krbSupportedEncSaltTypes: aes128-cts:special krbSupportedEncSaltTypes: des3-hmac-sha1:normal +krbSupportedEncSaltTypes: des3-hmac-sha1:special krbSupportedEncSaltTypes: arcfour-hmac:normal +krbSupportedEncSaltTypes: arcfour-hmac:special krbSupportedEncSaltTypes: des-hmac-sha1:normal krbSupportedEncSaltTypes: des-cbc-md5:normal krbSupportedEncSaltTypes: des-cbc-crc:normal @@ -22,10 +26,8 @@ krbMaxRenewableAge: 604800 dn: cn=$REALM,cn=kerberos,$SUFFIX changetype: modify add: krbDefaultEncSaltTypes -krbDefaultEncSaltTypes: aes256-cts:normal -krbDefaultEncSaltTypes: aes128-cts:normal -krbDefaultEncSaltTypes: des3-hmac-sha1:normal -krbDefaultEncSaltTypes: arcfour-hmac:normal -krbDefaultEncSaltTypes: des-hmac-sha1:normal -krbDefaultEncSaltTypes: des-cbc-md5:normal +krbDefaultEncSaltTypes: aes256-cts:special +krbDefaultEncSaltTypes: aes128-cts:special +krbDefaultEncSaltTypes: des3-hmac-sha1:special +krbDefaultEncSaltTypes: arcfour-hmac:special |