Package: krb5-admin-server Version: 1.17-4 Severity: normal Version 1.17-4 of the kerberos 5 packages removes single DES support. If such encryption types are enabled in kdc.conf, the admin server will error out with:
kadmind: Required parameters in kdc.conf missing while initializing It is not at all clear from the error message what the problem is. Removing DES encryption types allows the admin server to start correctly. It would be great if the error message could be improved. Failing (or perhaps in addition to) that the preinst script could check for deprecated encryption types and warn the user that the configuration needs to be modified or krb5 will break. -- System Information: Debian Release: 10.0 APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable'), (500, 'oldstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.14.24-core2-server (SMP w/8 CPU cores) Kernel taint flags: TAINT_WARN, TAINT_OOT_MODULE Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8), LANGUAGE=en_US.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: sysvinit (via /sbin/init) Versions of packages krb5-admin-server depends on: ii debconf [debconf-2.0] 1.5.72 ii krb5-kdc 1.17-4 ii libc6 2.28-10 ii libcom-err2 1.45.2-1 ii libgssapi-krb5-2 1.17-4 ii libgssrpc4 1.17-4 ii libk5crypto3 1.17-4 ii libkadm5srv-mit11 1.17-4 ii libkdb5-9 1.17-4 ii libkeyutils1 1.6-6 ii libkrb5-3 1.17-4 ii libkrb5support0 1.17-4 ii libss2 1.45.2-1 ii libverto1 0.3.0-2 ii lsb-base 10.2019051400 krb5-admin-server recommends no packages. krb5-admin-server suggests no packages. -- debconf information: * krb5-admin-server/newrealm:
