Kerberos Mechanism - Supported MAX_SSF

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi,

It looks to me (from [1]) that we only support max_ssf of 56 (i.e. DES-56) with GSSAPI implementation of Kerberos in Cyrus SASL. Can someone please confirm on this ? I am looking for AES 256 bit encryption with Kerberos mechanism. If that's not supported is there any plan for supporting it ? Please advice.


[1]https://svn.apache.org/repos/asf/subversion/trunk/notes/sasl.txt


The realm in svnserve.conf is your Kerberos authentation realm, e.g. "EXAMPLE.COM". Cyrus's GSSAPI implementation does not support encryption, except for very basic 56-bit DES.  If you leave the encrypt settings out of your svnserve.conf entirely, you're fine; just don't set max-encryption higher than 56.


Thanks,

Sorabh

[Index of Archives]     [Info Cyrus]     [Squirrel Mail]     [Linux Media]     [Yosemite News]     [gtk]     [KDE]     [Gimp on Windows]     [Steve's Art]

  Powered by Linux