Kerberos update krb5.conf
Update krb5.conf to newest version.
Updates included in krb5.conf v5.5:
- Updated [libdefaults] area:
- Moved information around to be grouped together to clarify which options are related to each other.
- Default realm is moved to the top.
- Added dns_lookup_kdc = true to permit unconfigured Realms to be fetched from DNS.
- Grouped together ticket information.
- Set ticket_lifetime to 26h instead of 1560m.
- Grouped encryption types together, including allow_weak_crypto = true.
- Removed ccache_type = 4, autologin = true, forward = true, renewable = true, encrypt = true.
- Removed options are no longer valid.
- Updated [appdefaults] area:
- Removed default_lifetime = 7d, autologin = true, forward = true.
- Removed telnet, rcp, rsh, rlogin, login, kinit, ftpd, and pam.
- Applications removed are no longer used or necessary.
For information on all version changes, please review the bottom of the krb5.conf file.
How to update krb5.conf
- SLF6 (depending on the system)
yum update krb5-fermi-krb5.conf
yum update krb5-fermi-config
yum update fermilab-conf_kerberos
Back up the existing file. Download the update here and manually replace the existing file.
- Fermilab-Managed device
Install from the Self Service app.
Download the update here and manually replace the existing file.
- Domain/Fermilab Managed
Install from the Software Center.
Backup existing file. Download the update here and manually replace the existing file.
How to revert to previous version of krb5.conf
yum downgrade krb5-fermi-krb5.conf
yum downgrade krb5-fermi-config
depending on the system
yum downgrade fermilab-conf_kerberos
Manually replace the file from back up.
If you have installed the krb5.conf file from Self Service, previous version of the file will be backed up locally.
If you have installed krb5.conf file from Self Service, the previous version of the file will be backed up locally. Manually replace the file from back up. The back up location is: /etc/krb5.conf-original
If you have installed the krb5.conf file from the Software Center, the previous version of the file will be backed up locally. Manually replace the file from back up. The back up location is C:\ProgramData\Kerberos\krb5(DateStamp).bak, where DateStamp depends on the installation date.
The previous version for all operating systems is also available here: