libpam-krb5 - PAM module for MIT Kerberos

Property Value
Distribution Ubuntu 16.04 LTS (Xenial Xerus)
Repository Ubuntu Main i386
Package filename libpam-krb5_4.7-2_i386.deb
Package name libpam-krb5
Package version 4.7
Package release 2
Package architecture i386
Package type deb
Category net
License -
Maintainer Ubuntu Developers <>
Download size 63.20 KB
Installed size 189.00 KB
A Kerberos PAM module build against the MIT Kerberos libraries.  It
supports authenticating against a Kerberos v5 KDC, obtaining tickets and
populating an initial ticket cache, authorizing users via a ~/.k5login
file, and changing Kerberos passwords.


Package Version Architecture Repository
libpam-krb5_4.7-2_amd64.deb 4.7 amd64 Ubuntu Main
libpam-krb5 - - -


Name Value
krb5-config -
libc6 >= 2.8
libkrb5-3 >= 1.10.2+dfsg
libpam-runtime -
libpam0g >= 1.1.3-2~
multiarch-support -


Name Value
libpam-heimdal -


Type URL
Binary Package libpam-krb5_4.7-2_i386.deb
Source Package libpam-krb5

Install Howto

  1. Update the package index:
    # sudo apt-get update
  2. Install libpam-krb5 deb package:
    # sudo apt-get install libpam-krb5




2015-04-26 - Russ Allbery <>
libpam-krb5 (4.7-2) unstable; urgency=medium
* Upload to unstable.
* Refresh upstream signing key.
* Add debian/gbp.conf reflecting the branch layout of the default
packaging repository.
2014-12-25 - Russ Allbery <>
libpam-krb5 (4.7-1) experimental; urgency=medium
* Upload to experimental due to release freeze.
* New upstream release.
- Add no_update_user option to disable the normal update of PAM_USER
after user canonicalization.
- Suppress spurious Heimdal password prompt when using PKINIT.
- Map unknown realm errors to PAM_AUTHINFO_UNAVAIL.
- Treat more error codes as incorrect passwords for better
compatibility between MIT client libraries and Heimdal KDCs.
- Add version number when module options were added to the man page.
* Remove erroneous branch information from Vcs-Git.
* Fix debian/copyright to match the correct upstream licensing.
* Update standards version to 3.9.6 (no changes required).
2014-04-13 - Russ Allbery <>
libpam-krb5 (4.6-3) unstable; urgency=medium
* Drop version qualifications on Build-Depends that are satisfied by
stable.  Drop version qualifications on Depends that are satisfied by
* Add the upstream release signing key and verify it in debian/watch.
* Prefer *.tar.xz in debian/watch to match packaging.
* Convert debian/copyright to copyright-format 1.0.
* Specify the Debian packaging branch in the Vcs-Git control field.
* Update standards version to 3.9.5 (no changes required).
2013-06-23 - Russ Allbery <>
libpam-krb5 (4.6-2) unstable; urgency=low
* Apply upstream patch to add AM_PROG_AR to, now apparently
required by Automake for the binutils in unstable.  (Closes: #713296)
* Apply upstream patch to build with largefile support.  This is
probably pointless for this module, but consistency is good.
* Canonicalize the Vcs-Git and Vcs-Browser URLs.
* Update standards version to 3.9.4 (no changes required).
2012-06-02 - Russ Allbery <>
libpam-krb5 (4.6-1) unstable; urgency=low
* New upstream release.
- New anon_fast option to attempt anonymous authentication and use
those credentials to provide FAST armor.  (Closes: #626509)
- New user_realm option to set the realm for unqualified user
principals without changing the default realm for all other
- New no_prompt option to suppress PAM prompting in favor of letting
the Kerberos library handle it.  (Closes: #626506)
- New silent option that duplicates the behavior of PAM_SILENT.
- New trace option for preliminary support of Kerberos trace logging.
- Fix the doubled colon in password prompts from Heimdal.
- Preserve the realm of the authentication identity when forming an
alt_auth_map identity.
- Allow the alt_auth_map format to contain a realm to force all mapped
principals to be in that realm.
- Avoid a NULL pointer dereference if krb5_init_context fails.
(LP: #998525)
- Close memory leaks in search_k5login and alt_auth_map.
- Suppress bogus error messages about the realm option.
- Retry authentication under try_first_pass for several other error
* Regenerate the Autotools build system with dh-autoreconf.
* Add krb5-config to Build-Depends so that the test programs don't abort
with errors about not having a Kerberos configuration.
* Switch to xz compression for the upstream and Debian tarballs.
* Enable parallel builds.
* Update standards version to 3.9.3 (no changes required).

See Also

Package Description
libpam-modules-bin_1.1.8-3.2ubuntu2_i386.deb Pluggable Authentication Modules for PAM - helper binaries
libpam-modules_1.1.8-3.2ubuntu2_i386.deb Pluggable Authentication Modules for PAM
libpam-mount_2.14-1.1_i386.deb PAM module that can mount volumes for a user session
libpam-p11_0.1.5-4_i386.deb PAM module for using PKCS#11 smart cards
libpam-pwquality_1.3.0-0ubuntu1_i386.deb PAM module to check password strength
libpam-radius-auth_1.3.17-0ubuntu4_i386.deb The PAM RADIUS authentication module
libpam-runtime_1.1.8-3.2ubuntu2_all.deb Runtime support for the PAM library
libpam-sss_1.13.4-1ubuntu1_i386.deb Pam module for the System Security Services Daemon
libpam-systemd_229-4ubuntu4_i386.deb system and service manager - PAM module
libpam0g-dev_1.1.8-3.2ubuntu2_i386.deb Development files for PAM
libpam0g_1.1.8-3.2ubuntu2_i386.deb Pluggable Authentication Modules library
libpango-1.0-0_1.38.1-1_i386.deb Layout and rendering of internationalized text
libpango1.0-0_1.38.1-1_i386.deb Layout and rendering of internationalized text (transitional package)
libpango1.0-dev_1.38.1-1_i386.deb Development files for the Pango
libpango1.0-doc_1.38.1-1_all.deb Documentation files for the Pango