Use only AES enctypes by default

Remove des3 and arcfour from the defaults for new installs. NOTE: the ipasam/dcerpc code sill uses arcfour Signed-off-by: Simo Sorce <simo@redhat.com> Ticket: https://fedorahosted.org/freeipa/ticket/4740 Reviewed-By: Martin Basti <mbasti@redhat.com> Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
author: Simo Sorce <simo@redhat.com> 2015-11-23 13:40:42 -0500
committer: Martin Basti <mbasti@redhat.com> 2016-01-13 15:24:53 +0100
commit: 58ab032f1ae20454d4b9d760c7601fd8b44045f5 (patch)
tree: 7183ec913da97adbdc250e89008bc792c855f4f3 /install
parent: c0133778ae6ea207aa3b184af54fea5803e2ac23 (diff)
download: freeipa-58ab032f1ae20454d4b9d760c7601fd8b44045f5.tar.gz
freeipa-58ab032f1ae20454d4b9d760c7601fd8b44045f5.tar.xz
freeipa-58ab032f1ae20454d4b9d760c7601fd8b44045f5.zip
1 files changed, 0 insertions, 2 deletions
diff --git a/install/share/kerberos.ldif b/install/share/kerberos.ldif
index 41e77952a..1f556382e 100644
--- a/install/share/kerberos.ldif
+++ b/install/share/kerberos.ldif
@@ -30,8 +30,6 @@ krbMaxTicketLife: 86400
 krbMaxRenewableAge: 604800
 krbDefaultEncSaltTypes: aes256-cts:special
 krbDefaultEncSaltTypes: aes128-cts:special
-krbDefaultEncSaltTypes: des3-hmac-sha1:special
-krbDefaultEncSaltTypes: arcfour-hmac:special
 
 # Default password Policy
 dn: cn=global_policy,cn=$REALM,cn=kerberos,$SUFFIX
author	Simo Sorce <simo@redhat.com>	2015-11-23 13:40:42 -0500
committer	Martin Basti <mbasti@redhat.com>	2016-01-13 15:24:53 +0100
commit	58ab032f1ae20454d4b9d760c7601fd8b44045f5 (patch)
tree	7183ec913da97adbdc250e89008bc792c855f4f3 /install
parent	c0133778ae6ea207aa3b184af54fea5803e2ac23 (diff)
download	freeipa-58ab032f1ae20454d4b9d760c7601fd8b44045f5.tar.gz freeipa-58ab032f1ae20454d4b9d760c7601fd8b44045f5.tar.xz freeipa-58ab032f1ae20454d4b9d760c7601fd8b44045f5.zip