Bug 117772 - pam_krb5 > 1.x won't authenticate
Summary: pam_krb5 > 1.x won't authenticate
Keywords:
Status: CLOSED INSUFFICIENT_DATA
Alias: None
Product: Fedora
Classification: Fedora
Component: pam_krb5
Version: 1
Hardware: i686
OS: Linux
medium
high
Target Milestone: ---
Assignee: Nalin Dahyabhai
QA Contact: Brian Brock
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2004-03-08 12:53 UTC by Brett Boren
Modified: 2008-08-02 23:40 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2006-10-25 20:38:10 UTC
Type: ---
Embargoed:


Attachments (Terms of Use)

Description Brett Boren 2004-03-08 12:53:04 UTC
Description of problem: On redhat <= 9 pam_krb5 correctly 
authenticated username,password, and SecureID with DoD kerberos 
system. With pam_krb5 shipped with FC1, /var/log/secure gives the 
following: 

Mar  5 15:16:26 kup login: pam_krb5[1505]: default/local 
realm 'HPCMP.HPC.MIL'
Mar  5 15:16:26 kup login: pam_krb5[1505]: configured 
realm 'HPCMP.HPC.MIL'
Mar  5 15:16:26 kup login: pam_krb5[1505]: flags: forwardable
Mar  5 15:16:26 kup login: pam_krb5[1505]: flag: user_check
Mar  5 15:16:26 kup login: pam_krb5[1505]: flag: no krb4_convert
Mar  5 15:16:26 kup login: pam_krb5[1505]: flag: warn
Mar  5 15:16:26 kup login: pam_krb5[1505]: ticket lifetime: 0
Mar  5 15:16:26 kup login: pam_krb5[1505]: renewable lifetime: 0
Mar  5 15:16:26 kup login: pam_krb5[1505]: minimum uid: 10
Mar  5 15:16:26 kup login: pam_krb5[1505]: banner: Kerberos 5
Mar  5 15:16:26 kup login: pam_krb5[1505]: ccache dir: /var/tmp
Mar  5 15:16:26 kup login: pam_krb5[1505]: keytab: /etc/krb5.keytab
Mar  5 15:16:26 kup login: pam_krb5[1505]: called to 
authenticate 'bboren'
Mar  5 15:16:26 kup login: pam_krb5[1505]: 
authenticating 'bboren.MIL'
Mar  5 15:16:29 kup login: pam_krb5[1505]: saving newly-entered 
password for use by other modules
Mar  5 15:16:29 kup login: pam_krb5[1505]: trying newly-entered 
password for 'bboren'
Mar  5 15:16:29 kup login: pam_krb5[1505]: 
authenticating 'bboren.MIL' 
to 'krbtgt/HPCMP.HPC.MIL.MIL'
Mar  5 15:16:30 kup login: pam_krb5[1505]: 
krb5_get_init_creds_password(krbtgt/HPCMP.HPC.MIL.MIL) 
returned -1765328254 (Cannot read password)
Mar  5 15:16:30 kup login: pam_krb5[1505]: got result -1765328254 
(Cannot read password)
Mar  5 15:16:30 kup login: pam_krb5[1505]: authentication fails 
for 'bboren' (bboren.MIL): Authentication failure (Cannot 
read password)


Version-Release number of selected component (if applicable):
Appears to be any of the 2.x

How reproducible: Always

Comment 1 Matthew Miller 2006-07-11 17:51:10 UTC
Fedora Core 1 is maintained by the Fedora Legacy project for security updates
only. If this problem is a security issue, please reopen and reassign to the
Fedora Legacy product. If it is not a security issue and hasn't been resolved in
the current FC5 updates or in the FC6 test release, reopen and change the
version to match.

Thanks!

NOTE: Fedora Core 1 is reaching the final end of support even by the Legacy
project. After Fedora Core 6 Test 2 is released (currently scheduled for July
26th), there will be no more security updates for FC1. Please use these next two
weeks to upgrade any remaining FC1 systems to a current release.



Comment 2 John Thacker 2006-10-25 20:38:10 UTC
Closing per lack of response.  Also note that FC1 and FC2 are no longer
supported even by Fedora Legacy.  If this still occurs on FC3 or FC4, please
assign to that version and Fedora Legacy.  If it still occurs on FC5 or FC6,
please reopen and assign to the correct version.


Note You need to log in before you can comment on or make changes to this bug.