On Sat, Aug 10, 2019 at 09:52:31AM +0000, k...@protonmail.com wrote: > > Am I going about this all wrong? >
I think so. You need to have the pam_krb5 in the auth section. If you don't want to authenticate against kerberos then put pam_krb5 after another authentication module that prompts for a password and add "use_first_pass" to the pam_krb5 arguments that should set up the kerberos ticket for the login. This does ASSuME that the password for both the other auth method and kerberos are the same which may not be true but, really, if you have kerberos why bother with another auth method... -- Brett Lymn -- Sent from my NetBSD device. "We are were wolves", "You mean werewolves?", "No we were wolves, now we are something else entirely", "Oh"