이 콘텐츠는 선택한 언어로 제공되지 않습니다.

4.215. pam_krb5


An updated pam_krb5 package that fixes various bugs is now available for Red Hat Enterprise Linux 6.
The pam_krb5 package allows PAM-aware applications to check user passwords with the help of a Kerberos KDC.

Bug Fixes

BZ#690832
When a client logged into a remote host using SSH with GSSAPI authentication, configured to re-delegate credentials when the client obtains fresh credentials, pam_krb5 created a new credential cache on the remote host in addition to the cache created by SSH. Consequently, the credential cache that pam_krb5 had created for the user's session would not be updated when they were renewed on the client. This update prevents pam_krb5 from creating its own cache in the scenario described, so the credential delegation mechanism is not interfered with.
BZ#700520
Prior to this update, when a client attempted to perform a password change after using a non-password-based pre-authentication mechanism (such as a Smart Card), the pam_krb5 module would unnecessarily prompt for the user's PIN (twice). This update corrects this bug.
BZ#720609, BZ#722489, BZ#733803
When a client, using SSH, logged into a remote host using the PasswordAuthentication mechanism, two credential caches would be created for the user on the remote host, but only one of them would be removed when the user logged out. This update no longer creates the second, redundant cache.
All users of pam_krb5 are advised to upgrade to this updated package, which fixes these bugs.
Red Hat logoGithubRedditYoutubeTwitter

자세한 정보

평가판, 구매 및 판매

커뮤니티

Red Hat 문서 정보

Red Hat을 사용하는 고객은 신뢰할 수 있는 콘텐츠가 포함된 제품과 서비스를 통해 혁신하고 목표를 달성할 수 있습니다.

보다 포괄적 수용을 위한 오픈 소스 용어 교체

Red Hat은 코드, 문서, 웹 속성에서 문제가 있는 언어를 교체하기 위해 최선을 다하고 있습니다. 자세한 내용은 다음을 참조하세요.Red Hat 블로그.

Red Hat 소개

Red Hat은 기업이 핵심 데이터 센터에서 네트워크 에지에 이르기까지 플랫폼과 환경 전반에서 더 쉽게 작업할 수 있도록 강화된 솔루션을 제공합니다.

© 2024 Red Hat, Inc.