If you use kerberos for authentication and you’ve recently moved to Fedora 14, you may encounter this error while requesting a ticket with kinit:
kinit: KDC has no support for encryption type while getting initial credentials
The bug report suggests the following workaround (which worked for me):
As a temporary workaround, systems which need to continue to use the weaker ciphers can be configured with “allow_weak_crypto = yes” in the [libdefaults] section of their respective /etc/krb5.conf files.
Updated November 19, 2010: As noted in the comments, I overlooked the fact that changing your password also addresses this problem. This seems like the best way to go.
Image by frogmuseum2 via flickr used under a Creative Commons license.
November 4, 2010 at 7:10 am
Another solution (that IIRC I saw in that BZ too) is to change your password.
It worked fine for me, without the need of enabling weak crypto.
October 28, 2010 at 2:01 pm
Thanks a lot for the tip…
October 27, 2010 at 6:01 am
I hate to see usage of weak crypto with kerberos. Just rekey your principal with correct encryption and you should be fine!
October 27, 2010 at 6:30 am
Yes, but what do you do when you have no control of the principal?
November 18, 2010 at 7:10 am
Apparently you just go to shell.devel.redhat.com and type kpasswd, type your password 3 times, voila. Worked for me.