id summary reporter owner description type status priority milestone component resolution keywords cc fix_version see_also 362 login intermittently fails if your .k5login isn't world-readable geofft "jbarnold, mitchb, and probably others I'm forgetting have run into the issue that occasionally they can't ssh in to machines if their .k5login is only readable once they acquire tickets and tokens. While this is easy to work around (move .k5login to your Public and symlink it), the man page for pam_krb5 says in one section for an option we don't use, ""Using this option requires that the user's .k5login file be readable at the time of authentication."" I take this to mean that in normal operation, pam_krb5 shouldn't require this. So there's an upstream bug, either with the code or the documentation (it should say that .k5login always needs to be world-readable)." defect new trivial Upstream Utopia --