diff options
| author | Nalin Dahyabhai <nalin@redhat.com> | 2012-11-15 17:32:34 -0500 |
|---|---|---|
| committer | Nalin Dahyabhai <nalin@redhat.com> | 2012-11-16 13:01:56 -0500 |
| commit | 18bdbb99e36d5d2f539a9b368bc913004e2c8c55 (patch) | |
| tree | 50ff7f9e80ea37d5786cd2b91dccaa2e0f419117 /krb5kdc.init | |
| parent | 0efe966105288d4f02712d1fbbe711b231b4f2cf (diff) | |
| download | krb5-18bdbb99e36d5d2f539a9b368bc913004e2c8c55.tar.gz krb5-18bdbb99e36d5d2f539a9b368bc913004e2c8c55.tar.xz krb5-18bdbb99e36d5d2f539a9b368bc913004e2c8c55.zip | |
drop the only-weak-keys checker
Diffstat (limited to 'krb5kdc.init')
| -rwxr-xr-x | krb5kdc.init | 9 |
1 files changed, 0 insertions, 9 deletions
diff --git a/krb5kdc.init b/krb5kdc.init index c765790..3462ca6 100755 --- a/krb5kdc.init +++ b/krb5kdc.init @@ -41,15 +41,6 @@ PATH=/usr/lib64/krb5:/usr/lib/krb5:"$PATH" # Shell functions to cut down on useless shell instances. start() { [ -x $krb5kdc ] || exit 5 - # check that some of the basic principal names don't only have weak - # keys available. if they do, warn that they should be changed to - # get some keys for stronger ciphers added - if ! is_false "$KRB5CHECKWEAK" ; then - localhost=`hostname` - for principal in `kdb_check_weak -p "krbtgt/${KRB5REALM:+${KRB5REALM}@${KRB5REALM}}" "kadmin/admin${KRB5REALM:+@${KRB5REALM}}" "kadmin/changepw${KRB5REALM:+@${KRB5REALM}}" "kadmin/$localhost${KRB5REALM:+@${KRB5REALM}}"` ; do - echo -n "Keys for $principal should be changed to include keys for non-weak ciphers." ; warning ; echo "" - done - fi echo -n $"Starting $prog: " # tell portreserve to release the kerberos-iv port [ -x /sbin/portrelease ] && /sbin/portrelease kerberos-iv &>/dev/null || : |