Use only AES enctypes by default

Remove des3 and arcfour from the defaults for new installs. NOTE: the ipasam/dcerpc code sill uses arcfour Signed-off-by: Simo Sorce <simo@redhat.com> Ticket: https://fedorahosted.org/freeipa/ticket/4740
author: Simo Sorce <simo@redhat.com> 2015-11-23 13:40:42 -0500
committer: Simo Sorce <simo@redhat.com> 2015-12-11 15:20:52 -0500
commit: 418f49a249d444bc4eff83c1a60bc3bc756e6012 (patch)
tree: bea7f0cbd5205ca3279297052a5de70bb417a1a8 /install
parent: dcb5c2a5200a797b0eec9bb809c570f9ed80f7bb (diff)
download: freeipa-418f49a249d444bc4eff83c1a60bc3bc756e6012.tar.gz
freeipa-418f49a249d444bc4eff83c1a60bc3bc756e6012.tar.xz
freeipa-418f49a249d444bc4eff83c1a60bc3bc756e6012.zip
1 files changed, 0 insertions, 2 deletions
diff --git a/install/share/kerberos.ldif b/install/share/kerberos.ldif
index 41e77952a..1f556382e 100644
--- a/install/share/kerberos.ldif
+++ b/install/share/kerberos.ldif
@@ -30,8 +30,6 @@ krbMaxTicketLife: 86400
 krbMaxRenewableAge: 604800
 krbDefaultEncSaltTypes: aes256-cts:special
 krbDefaultEncSaltTypes: aes128-cts:special
-krbDefaultEncSaltTypes: des3-hmac-sha1:special
-krbDefaultEncSaltTypes: arcfour-hmac:special
 
 # Default password Policy
 dn: cn=global_policy,cn=$REALM,cn=kerberos,$SUFFIX
author	Simo Sorce <simo@redhat.com>	2015-11-23 13:40:42 -0500
committer	Simo Sorce <simo@redhat.com>	2015-12-11 15:20:52 -0500
commit	418f49a249d444bc4eff83c1a60bc3bc756e6012 (patch)
tree	bea7f0cbd5205ca3279297052a5de70bb417a1a8 /install
parent	dcb5c2a5200a797b0eec9bb809c570f9ed80f7bb (diff)
download	freeipa-418f49a249d444bc4eff83c1a60bc3bc756e6012.tar.gz freeipa-418f49a249d444bc4eff83c1a60bc3bc756e6012.tar.xz freeipa-418f49a249d444bc4eff83c1a60bc3bc756e6012.zip