Date: Sat, 04 Sep 2021 18:27:53 +0000 From: bugzilla-noreply@freebsd.org To: bugs@FreeBSD.org Subject: [Bug 258236] krb5.conf man page Message-ID: <bug-258236-227-gWLBGqq9pn@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-258236-227@https.bugs.freebsd.org/bugzilla/> References: <bug-258236-227@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D258236 Benjamin Kaduk <bjk@FreeBSD.org> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |bjk@FreeBSD.org --- Comment #1 from Benjamin Kaduk <bjk@FreeBSD.org> --- I think this is not a bug in FreeBSD, but rather an unfortunate consequence= of having two kerberos implementations installed, with MANPATH and PATH search= ing in different orders. The kerberos included in the base system is an older version of heimdal kerberos, which notably does not include support for the RFC 8009 enctypes (i.e., aes128-cts-hmac-sha256-128 and aes256-cts-hmac-sha384-192). The krb5.conf manual you are reading is from that same heimdal kerberos distribution, and rightly does not document those enctypes. Given that you can use the RFC 8009 enctypes (or, at least, see them offere= d), you must have security/krb5 (or security/heimdal) installed. It seems that upstream heimdal has not updated the list of enctypes in their krb5.conf.5,= and a bug report against https://github.com/heimdal/heimdal/issues would be use= ful. MIT krb5 does not list enctypes in the krb5.conf manual directly, referenc= ing a list of encryption types in the kdc.conf manual instead, so you are surely looking at a heimdal-derived krb5.conf manual. --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-258236-227-gWLBGqq9pn>