NFS + Kerberos: rpc.gssd -l

Hi everyone,

we currently have a setup with an NFS file server combined with Kerberos authentication. Unfortunately, the file server is not in our full control and only supports single DES session keys.
For this to work, the NFS client machine has to tell its rpc.gssd it should run in legacy mode (-l), otherwise it uses 3DES or AES or something (not quite sure about that, but does not really matter either).
Now, there's the problem: on SLES11 SP3 rpc.gssd does not know about the parameter “-l” and refuses to use DES session keys.
In consequence all of our SLES11 servers are not able to connect to the file server making working on the services running on those machines rather dull.
Any suggestions or ideas on how to get legacy support into the gssd?

Thanks,
Chris

Hi Chris,

> on SLES11 SP3 rpc.gssd does not know about the parameter “-l” and refuses to use DES session keys.

have you tried setting allow_weak_crypto = yes in the client’s Kerberos configuration?

Regards,
Jens

Yes, this entry is in the krb5.conf already. But I do not see how that would help anyway, the problem is specific to rpc.gssd. Have a look at http://git.linux-nfs.org/?p=steved/nfs-utils.git;a=commitdiff;h=16f151834e63d8df9f852b7e265f17c689553c35;hp=880e2efecb4469573a5c2e89aee4963f29288f88 , this patch would fix the problem, and its explanation of what exactly it does is more specific than what I have told you.

Hi Chris,

> But I do not see how that would help anyway, the problem is specific to rpc.gssd

I took that advice from another user that had reported a similar problem in a different list.

I’ll relay your comments to my SUSE contacts, but cannot promise it will get included. Once I receive feedback from there, I’ll let you know. If you have a support contract and can open a ticket, please do so and forward me the SR number so I can follow up on that.

Regards,
Jens

Hi stroemi,

please get in touch with me via personal message - there’s someone who’d like you to test & verify an update to the code :)

Regards,
Jens

Hi Chris,

do I see it right that the issue has been resolved?

Regards,
Jens