Go to main content

Managing Kerberos and Other Authentication Services in Oracle® Solaris 11.3

Exit Print View

Updated: May 2019
 
 

Kerberos and Strong Encryption

Kerberos tickets, described in How the Kerberos Service Works, are encrypted. Kerberos provides several algorithms, or encryption types, for encrypting tickets. By default, weak types, such as des and arcfour-hmac are disallowed. These types should only be allowed for backward compatibility or interoperability. For instructions about limiting encryption to the strongest encryption types, see How to Require Strong Encryption in Kerberos and the krb5.conf(4) man page.