Package: libpam-shishi Version: 0.0.30-2 Severity: normal My /etc/pam.d/common-auth is attached.
For testing, I made my Kerberos password match my local shadow password. By applying the try_first_pass / use_first_pass option to subsequent PAM modules, I should be able to login if the first module fails but I enter the correct password for a subsequent module. Instead, if pam_shishi fails, I'm prompted for and enter the same password twice, whereon pam_unix logs me in. I expect what should happen if pam_shishi fails, is pam_unix should use the password I already entered to login and not prompt me to re-enter my password. Thanks, Jack -- System Information: Debian Release: lenny/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Kernel: Linux 2.6.22-2-686 (SMP w/2 CPU cores) Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages libpam-shishi depends on: ii libc6 2.6.1-3 GNU C Library: Shared libraries ii libshishi0 0.0.30-2 Library for the Shishi Kerberos v5 libpam-shishi recommends no packages. -- no debconf information
# # /etc/pam.d/common-auth - authentication settings common to all services # # This file is included from other service-specific PAM config files, # and should contain a list of the authentication modules that define # the central authentication scheme for use on the system # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the # traditional Unix authentication mechanisms. # auth [success=1 default=ignore] pam_shishi.so minimum_uid=1000 auth required pam_unix.so nullok_secure try_first_pass auth required pam_permit.so
