If I configure the sshd pam file with auth required /lib/security/pam_krb5.so in the auth section, I get permissioned denied when trying to login with my kerberos password. /var/log/secure reports: pam_krb5: authenticate error: Cannot read password If I use instead auth sufficient /lib/security/pam_pwdb.so shadow auth required /lib/security/pam_krb5.so use_first_pass it works fine. Changing to auth sufficient /lib/security/pam_pwdb.so shadow auth required /lib/security/pam_krb5.so skip_first_pass fails as in the first example.
This should be fixed in the 1.30-1 errata and in 7.1.