Bugzilla will be upgraded to version 5.0 on December 2, 2018. The outage period for the upgrade will start at 0:00 UTC and have a duration of 12 hours
Bug 149074 - ssh fails with Kerberos Authentication
ssh fails with Kerberos Authentication
Product: Red Hat Enterprise Linux 4
Classification: Red Hat
Component: pam (Show other bugs)
i386 Linux
medium Severity medium
: ---
: ---
Assigned To: Tomas Mraz
Jay Turner
Depends On:
  Show dependency treegraph
Reported: 2005-02-18 10:23 EST by Karen McArthur
Modified: 2015-01-07 19:09 EST (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2005-12-15 05:59:45 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
secure, message logs and ssh -vvvv output (1.58 KB, text/plain)
2005-02-18 10:25 EST, Karen McArthur
no flags Details

  None (edit)
Description Karen McArthur 2005-02-18 10:23:02 EST
Description of problem:
When using ssh with kerberos authentication and ldap user information,
I am not able to connect.  My logs verify that my kerberos password
authenticated, but then I receive an error "Read from remote host
Client: Connection reset by peer Connection to Client closed."  My
messages log states unix_chkpwd: could not get username from shadow
(testuser))".  My secure log states fatal: "PAM: pam_open_session():
Permission denied"

Version-Release number of selected component (if applicable):

How reproducible:
every attempt at connection

Steps to Reproduce:
1.install RH v4 with all patches
2.configure with kerberos authentication and ldap user information
3.ssh -vvvv testuser@client
Actual results:
Read from remote host Client: Connection reset by peer 
Connection to Client closed

Expected results:
log in and have a user session created

Additional info:
see attached logs
Comment 1 Karen McArthur 2005-02-18 10:25:11 EST
Created attachment 111205 [details]
secure, message logs and ssh -vvvv output
Comment 2 Mark Leary 2005-03-08 16:19:02 EST
I am experiencing the same problem described above - using krb5 for 
authentication, ldap for passwd db.
Comment 3 Mark Leary 2005-06-07 14:15:50 EDT
Any comment from redhat on this???  This bug is keeping us from deploying 
RHEL4, feedback would be appreciated.
Comment 4 Tomas Mraz 2005-09-12 08:55:10 EDT
This doesn't seem to me to be a problem in pam_krb5 as it doesn't return
PAM_PERM_DENIED on pam_open_session calls.

Please attach here your /etc/pam.d/system-auth, /etc/pam.d/sshd and
/etc/secure/limits.conf files. Also are you able to log-in on console with that
user fine?
Comment 5 Tomas Mraz 2005-12-15 05:59:45 EST
Since there are insufficient details provided in this report for us to
investigate the issue further, and we have not received the feedback we
requested, we will assume the problem was not reproduceable or has been fixed in
a later update for this product.

Users who have experienced this problem are encouraged to upgrade to the latest
update release, and if this issue is still reproduceable, please contact the Red
Hat Global Support Services page on our website for technical support options:

If you have a telephone based support contract, you may contact Red Hat at
1-888-GO-REDHAT for technical support for the problem you are experiencing.

Note You need to log in before you can comment on or make changes to this bug.