diff options
Diffstat (limited to 'server/wallet-backend')
| -rwxr-xr-x | server/wallet-backend | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/server/wallet-backend b/server/wallet-backend index 0daf08d..9c6632e 100755 --- a/server/wallet-backend +++ b/server/wallet-backend @@ -394,6 +394,18 @@ Keytab objects support the following attributes: =over 4 +=item enctypes + +Restricts the generated keytab to a specific set of encryption types. The +values of this attribute must be enctype strings recognized by Kerberos +(strings like C<aes256-cts> or C<des-cbc-crc>). Note that the salt should +not be included; since the salt is irrelevant for keytab keys, it will +always be set to C<normal> by the wallet. + +If this attribute is set, the specified enctype list will be passed to ktadd +when get() is called for that keytab. If it is not set, the default set in +the KDC will be used. + =item sync Sets the external systems to which the key of a given principal is |