[krbdev.mit.edu #1488] Incorrect password error for principal with preauth is confusing
Alexandra Ellwood via RT
rt-comment at krbdev.mit.edu
Wed May 14 13:42:16 EDT 2003
The error for an incorrect password for principal with preauth is
confusing. krb5_init_creds_password returns KRB5KDC_ERR_PREAUTH_FAILED,
which translates to the string "Preauthentication failed". So a typical
kinit where the user types a bad password goes as follows (this is with
a 1.2.x kinit):
dragon-slave% kinit preauth at TESTV5-KERBEROS-1.2.0
Password for preauth at TESTV5-KERBEROS-1.2.0:
kinit(v5): Preauthentication failed while getting initial credentials
Needless to say, this is confusing and might dissuade the user from
trying to type their password again.
More information about the krb5-bugs
mailing list