Bug 2423900

Summary: Password authentication fails
Product: [Fedora] Fedora Reporter: Alexey Tikhonov <atikhono>
Component: opensshAssignee: Dmitry Belyavskiy <dbelyavs>
Status: NEW --- QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: medium Docs Contact:
Priority: unspecified    
Version: rawhideCC: abokovoy, crypto-team, dbelyavs, dwalsh, frenaud, jjelen, lkundrak, mattias.ellert, sbose, spoore, tm
Target Milestone: ---Flags: sbose: needinfo? (abokovoy)
fedora-admin-xmlrpc: mirror+
Target Release: ---   
Hardware: Unspecified   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: ---
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Alexey Tikhonov 2025-12-19 15:47:28 UTC 
Some of automated SSSD tests started to fail very recently.

Symptoms are as follows:
 - test executes:
```
ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -o PreferredAuthentications=password -o NumberOfPasswordPrompts=1 -l TESTUSER localhost
```
 - enters password
 - and gets in response:
```
TESTUSER@localhost: Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password,keyboard-interactive).
```

In systemd journal it looks like:
```
sshd-session[665010]: pam_sss(sshd:auth): authentication success; logname= uid=0 euid=0 tty=ssh ruser= rhost=::1 user=TESTUSER
sshd-session[665010]: Failed password for TESTUSER from ::1 port 59358 ssh2
```

SSSD own logs look sane - auth succeeds.

Timing hints this might be related with recent rebase:
https://src.fedoraproject.org/rpms/openssh/c/be36f8dbd60f4d2e7e1e8b21c615a615f1182f84?branch=rawhide

```
# rpm -q openssh
openssh-10.2p1-1.fc44.x86_64
```

Reproducible: Always