Description of problem: On redhat <= 9 pam_krb5 correctly authenticated username,password, and SecureID with DoD kerberos system. With pam_krb5 shipped with FC1, /var/log/secure gives the following: Mar 5 15:16:26 kup login: pam_krb5[1505]: default/local realm 'HPCMP.HPC.MIL' Mar 5 15:16:26 kup login: pam_krb5[1505]: configured realm 'HPCMP.HPC.MIL' Mar 5 15:16:26 kup login: pam_krb5[1505]: flags: forwardable Mar 5 15:16:26 kup login: pam_krb5[1505]: flag: user_check Mar 5 15:16:26 kup login: pam_krb5[1505]: flag: no krb4_convert Mar 5 15:16:26 kup login: pam_krb5[1505]: flag: warn Mar 5 15:16:26 kup login: pam_krb5[1505]: ticket lifetime: 0 Mar 5 15:16:26 kup login: pam_krb5[1505]: renewable lifetime: 0 Mar 5 15:16:26 kup login: pam_krb5[1505]: minimum uid: 10 Mar 5 15:16:26 kup login: pam_krb5[1505]: banner: Kerberos 5 Mar 5 15:16:26 kup login: pam_krb5[1505]: ccache dir: /var/tmp Mar 5 15:16:26 kup login: pam_krb5[1505]: keytab: /etc/krb5.keytab Mar 5 15:16:26 kup login: pam_krb5[1505]: called to authenticate 'bboren' Mar 5 15:16:26 kup login: pam_krb5[1505]: authenticating 'bboren.MIL' Mar 5 15:16:29 kup login: pam_krb5[1505]: saving newly-entered password for use by other modules Mar 5 15:16:29 kup login: pam_krb5[1505]: trying newly-entered password for 'bboren' Mar 5 15:16:29 kup login: pam_krb5[1505]: authenticating 'bboren.MIL' to 'krbtgt/HPCMP.HPC.MIL.MIL' Mar 5 15:16:30 kup login: pam_krb5[1505]: krb5_get_init_creds_password(krbtgt/HPCMP.HPC.MIL.MIL) returned -1765328254 (Cannot read password) Mar 5 15:16:30 kup login: pam_krb5[1505]: got result -1765328254 (Cannot read password) Mar 5 15:16:30 kup login: pam_krb5[1505]: authentication fails for 'bboren' (bboren.MIL): Authentication failure (Cannot read password) Version-Release number of selected component (if applicable): Appears to be any of the 2.x How reproducible: Always
Fedora Core 1 is maintained by the Fedora Legacy project for security updates only. If this problem is a security issue, please reopen and reassign to the Fedora Legacy product. If it is not a security issue and hasn't been resolved in the current FC5 updates or in the FC6 test release, reopen and change the version to match. Thanks! NOTE: Fedora Core 1 is reaching the final end of support even by the Legacy project. After Fedora Core 6 Test 2 is released (currently scheduled for July 26th), there will be no more security updates for FC1. Please use these next two weeks to upgrade any remaining FC1 systems to a current release.
Closing per lack of response. Also note that FC1 and FC2 are no longer supported even by Fedora Legacy. If this still occurs on FC3 or FC4, please assign to that version and Fedora Legacy. If it still occurs on FC5 or FC6, please reopen and assign to the correct version.