1) generating des-cbc-crc only keys in /etc/krb5.keytab on server and client with
sudo kadmin -p XXX/admin -q "ktadd -e des-cbc-crc:normal nfs/servername.fqn"
2) allowing weak enc. (server and client) and changing the algorithm order in /etc/krb5.conf (server):
I've solved my problem by:
1) generating des-cbc-crc only keys in /etc/krb5.keytab on server and client with
sudo kadmin -p XXX/admin -q "ktadd -e des-cbc-crc:normal nfs/servername.fqn"
2) allowing weak enc. (server and client) and changing the algorithm order in /etc/krb5.conf (server):
allow_weak_crypto = true md5,des- cbc-crc tgs_enctypes = des-cbc- md5,des- cbc-crc tkt_enctypes = des-cbc- md5,des- cbc-crc md5,des- cbc-crc, des3-cbc- sha1,arcfour- hmac-md5, des-cbc- md4,aes256- cts-hmac- sha1-96, aes128- cts-hmac- sha1-96
default_etypes = arcfour-hmac-md5 des3-cbc-sha1
default_etypes_des = des-cbc-
default_
default_
permitted_enctypes = des-cbc-