Rafal Pietrak <ra...@ztk-rp.eu> writes:

> I have this (default on debian-9 .. I haven't touched it before):
> auth  [success=2 default=ignore]      pam_krb5.so minimum_uid=1000
> auth  [success=1 default=ignore]      pam_unix.so nullok_secure try_first_pass

> which I've temporarily swapped ... and in consequence got the "bad
> password" result. Apparently I haven't changed everything that's
> necesary for it to work ... but I don't know what exactly.

You would need to change the success numbers as well so that the first
module skips two subsequent modules and the second skips one.

-- 
Russ Allbery (r...@debian.org)               <http://www.eyrie.org/~eagle/>

Reply via email to