diff options
Diffstat (limited to 'client/wallet.pod')
| -rw-r--r-- | client/wallet.pod | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/client/wallet.pod b/client/wallet.pod index 6d325e9..28b472d 100644 --- a/client/wallet.pod +++ b/client/wallet.pod @@ -287,6 +287,18 @@ Keytab objects support the following attributes: =over 4 +=item enctypes + +Restricts the generated keytab to a specific set of encryption types. The +values of this attribute must be enctype strings recognized by Kerberos +(strings like C<aes256-cts> or C<des-cbc-crc>). Note that the salt should +not be included; since the salt is irrelevant for keytab keys, it will +always be set to C<normal> by the wallet. + +If this attribute is set, the specified enctype list will be passed to ktadd +when get() is called for that keytab. If it is not set, the default set in +the KDC will be used. + =item sync Sets the external systems to which the key of a given principal is |