https://bugzilla.novell.com/show_bug.cgi?id=399967
User mc@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=399967#c1
Michael Calmer
According to the documentation use_authtok should prevent pam_krb5 from asking for password during password change.
This is wrong. use_authtok tells pam_krb5.so to never prompt for new passwords when changing passwords. ^^^ "new password". But it still will ask for the "old password". So your workaround is the solution. I tested our default kerberos configuration and it worked fine. The default for the old password is "try_first_pass". If you enter a wrong "old password" you will be asked again for the old password. In such a case your example happens. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.