Kerberos ticket is expiring and it is not renewing when cache with sssd-kcm

Solution Verified - Updated -

Issue

  • The ticket has expired and using it returns errors.
[host@domain.com ~]$ klist
Ticket cache: KCM:116002141:55899
Default principal: host@LINUX.REALM.ADS

Valid starting       Expires              Service principal
06/25/2021 13:45:40  06/26/2021 13:45:40  krbtgt/LINUX.REALM.ADS@LINUX.REALM.ADS

Jun 25 13:43:58 domain.com sshd[576374]: error: PAM: Authentication failure for host from 192.168.122.XXX 
Jun 25 13:43:58 domain.com sshd[576374]: Connection closed by authenticating user host 192.168.122.XXX port 50125 [preauth]

Environment

  • Red Hat Enterprise Linux (RHEL) 7, 8
  • sssd-kcm

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content