Date: Fri, 26 Jul 2024 19:49:05 +0000 From: bugzilla-noreply@freebsd.org To: bugs@FreeBSD.org Subject: [Bug 280407] Authentication fails when using pam_krb5.so Message-ID: <bug-280407-227-jCm8veKw1t@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-280407-227@https.bugs.freebsd.org/bugzilla/>
index | next in thread | previous in thread | raw e-mail
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=280407 --- Comment #4 from Cy Schubert <cy@FreeBSD.org> --- Confirmed with: auth required pam_krb5.so no_warn try_first_pass debug I was able to log in using my krb5 password with: auth sufficient pam_krb5.so no_warn try_first_pass debug The machine I tested on uses LDAP accounts. Passwords are not served by LDAP. Only my KDC handles authentication. There is no other way to log into that machine, proving that my KDC authenticated. Jul 26 12:48:01 cwsys sshd[42117]: Accepted keyboard-interactive/pam for cy from 10.1.1.91 port 43327 ssh2 The customer should change the "required" to "sufficient". The krb5 documentation I've read always says sufficient. -- You are receiving this mail because: You are the assignee for the bug.home | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-280407-227-jCm8veKw1t>