root login via Kerberos5 - "User not known to the underlying authentication module" - why?
Nalin Dahyabhai
nalin at redhat.com
Tue Apr 1 20:06:51 EDT 2014
On Tue, Apr 01, 2014 at 10:24:43AM +0200, Wendy Lin wrote:
> Ah, but I *want* that pam_krb5 authenticates the user against Kerberos
> so they do not have to do a kinit themselves after login, each time.
If there's a plugin which is accepting authentication before pam_krb5
gets to (this may be logged to /var/log/secure, or wherever LOG_AUTH and
LOG_AUTHPRIV messages are going), then it needs to be prevented from
doing that, or the PAM configuration needs to be edited to call the
modules in a different order.
HTH,
Nalin
More information about the Kerberos
mailing list