Comment 6 for bug 938581

I've solved my problem by:

1) generating des-cbc-crc only keys in /etc/krb5.keytab on server and client with
     sudo kadmin -p XXX/admin -q "ktadd -e des-cbc-crc:normal nfs/servername.fqn"

2) allowing weak enc. (server and client) and changing the algorithm order in /etc/krb5.conf (server):

allow_weak_crypto = true
default_etypes = arcfour-hmac-md5 des3-cbc-sha1
default_etypes_des = des-cbc-md5,des-cbc-crc
default_tgs_enctypes = des-cbc-md5,des-cbc-crc
default_tkt_enctypes = des-cbc-md5,des-cbc-crc
permitted_enctypes = des-cbc-md5,des-cbc-crc,des3-cbc-sha1,arcfour-hmac-md5,des-cbc-md4,aes256-cts-hmac-sha1-96,aes128-cts-hmac-sha1-96