My reading of "supported_enctypes" is simply that it will stop kadmin/the
KDC from generating NEW keys of an older type, correct?
That if I do a
cpw without -keepold, those keys will be removed -- but otherwise, the KDC will not act as though a user with 3des-only keys doesn't exist.
Changing it should not break any authentication or tickets?
Sysop: | Keyop |
---|---|
Location: | Huddersfield, West Yorkshire, UK |
Users: | 295 |
Nodes: | 16 (2 / 14) |
Uptime: | 07:33:35 |
Calls: | 6,642 |
Calls today: | 2 |
Files: | 12,190 |
Messages: | 5,326,102 |