From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.7.7) Gecko/20050416 Red Hat/1.0.3-1.4.1 Firefox/1.0.3

Description of problem:
When I enable kerberos authentication against a Windows 2003 server, using redhat-config-authentication, openssh authentication stops working correctly.

If I use password authentication, without attempting publickey auth first, then authentication works.
If I use publickey authentication, it fails.
If I use publickey authentication, then attempt password authentication, the password authentication will fail.

Version-Release number of selected component (if applicable):
openssh-3.9p1-8.RHEL4.1

How reproducible:
Always

Steps to Reproduce:
1. Install up-to-date RHEL4
2. Use redhat-config-authentication to set up kerberos auth against AD server
3. Attempt to log in to the machine with ssh using publickey auth

openssh configuration is the stock redhat config.

Actual Results:
I get authentication failures every time I try to use publickey. Even password authentication fails after publickey authentication has been tried.

Expected Results:
Login should have succeeded. Following the same setup sequence on a RHEL3 machine produces a working openssh configuration; logging in with the same set of keys works fine.

Additional info:
I tried to debug this myself with little success. I did determine that when the call to monitor_read at line 310 of monitor.c returns, the public key has been accepted (authenticated is true). However, it is the call to PAM (lines 320-328 monitor.c) that changes the authenticated flag to false. A call to pam_acct_mgmt in do_pam_account returns PAM_AUTH_ERR.

The problem is that openssh doesn't use PAM for authentication when publickey authentication is invoked. This might be a problem when using pam_krb5 in the account phase of the PAM config. On the other hand, if the password authentication always fails after a failed publickey authentication, that is really a bug which should be fixable. However, the problem is most probably in the pam_krb5 module, not in openssh.

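
Added example, not part of the original thread and not code from openssh or pam_krb5: a small triage script for the situation described above, where publickey logins skip the PAM auth phase but the account phase still runs. It lists the account-phase rules of one PAM stack and marks modules that also appear in the auth stack; `SAMPLE_STACK` is constructed, the function names are hypothetical, and the script does not follow `include` or `pam_stack` references.

```python
import os
import re

# Constructed sample stack for illustration (not taken from the bug report).
SAMPLE_STACK = """\
#%PAM-1.0
auth       required     pam_env.so
auth       sufficient   pam_unix.so nullok
auth       sufficient   pam_krb5.so use_first_pass
auth       required     pam_deny.so
account    required     pam_unix.so
account    required     pam_access.so
account    [default=bad success=ok user_unknown=ignore] pam_krb5.so
session    required     pam_unix.so
session    optional     pam_krb5.so
"""

# Fields: type, control (plain word or [bracketed list]), module path, args.
LINE_RE = re.compile(r"^(-?\w+)\s+(\[[^\]]*\]|\S+)\s+(\S+)\s*(.*)$")
TYPES = {"auth", "account", "password", "session"}

def parse_pam_stack(text):
    """Return [(type, control, module_name, args)] for each rule line."""
    rules = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()   # drop comments and blank lines
        if not line:
            continue
        m = LINE_RE.match(line)
        if not m or m.group(1).lstrip("-") not in TYPES:
            continue                          # malformed or unknown rule type
        ptype, control, path, args = m.groups()
        rules.append((ptype.lstrip("-"), control, os.path.basename(path), args))
    return rules

# Assumption (triage heuristic): a module present in both stacks is the first
# one to examine, because its account check runs without its own auth step.
def account_modules_after_publickey(text):
    """Return [(module, control, also_in_auth)] for the account phase."""
    rules = parse_pam_stack(text)
    auth_mods = {mod for t, _, mod, _ in rules if t == "auth"}
    return [(mod, ctl, mod in auth_mods)
            for t, ctl, mod, _ in rules if t == "account"]

if __name__ == "__main__":
    for mod, ctl, flagged in account_modules_after_publickey(SAMPLE_STACK):
        print(f"{mod:14} {ctl:45} {'CHECK' if flagged else ''}")
```
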
This should have been fixed by 2.1.8-1. Please reopen this bug if you find that it wasn't.