Active Directory users can log in without Password on Red Hat Enterprise Linux Server due to GSSAPIAuthentication Enabled

Solution Verified - Updated -

Issue

  • After joining a RHEL 9 server to Active Directory, it was observed that AD users are able to log in via SSH without being prompted for a password.
  • This unexpected behavior posed a security concern as users were being authenticated automatically through existing Kerberos tickets.
  • How to disable passwordless authentication on RHEL system which is an AD client ?

Environment

  • Red Hat Enterprise Linux 9
  • SSSD
  • Active Directory
  • Kerberos authentication

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content