Show Table of Contents
4.135. pam_krb5
An updated pam_krb5 package that fixes a bug is now available for Red Hat Enterprise Linux 5.
The pam_krb5 package allows PAM-aware applications to check user passwords with the help of a Kerberos KDC.
Bug Fix
- BZ#715073
- Previously, if a system was configured to perform Kerberos authentication using PKINIT, users who attempted to change their passwords using the "passwd" command or other PAM-aware application, while a smart card was inserted, would be erroneously prompted for the smart card PIN. With this update, the plugin returns an error to any requests for non-password information while attempting to obtain password-changing credentials. As a result, the unnecessary request for the smart card PIN is no longer made to the user in the scenario described.
All users of pam_krb5 are advised to upgrade to this updated package, which fixes this bug.
Where did the comment section go?
Red Hat's documentation publication system recently went through an upgrade to enable speedier, more mobile-friendly content. We decided to re-evaluate our commenting platform to ensure that it meets your expectations and serves as an optimal feedback mechanism. During this redesign, we invite your input on providing feedback on Red Hat documentation via the discussion platform.