Changing SELinux to "permissive" stops SSH from prompting for a password for .K5login when home directories are set on a NAS. The following document provides a permanent solution to set SELinux to "enforcing" and not be prompted for a SSH password.
Problem: SSH prompts for a password if SELinux is set to "enforcing". The logs shows the following error message:
error: ssh_selinux_setup_pty: security_compute_relabel: Invalid argument Cause: The home directories on the NAS is missing the setting for ".K5login" causing SSH to prompt for a password with SELinux set to "enforicing" when it shouldn't be.
Workaround: Set SELinux to "permissive" with the command below is the workaround,
$ setenforce permissive
Solution: First change SELinux to "permissive"($ setenforce permissive), then run the command below to set SELinux Booleanto use NFS as home directories on the server. Now set SELinux to enforcing($ setenforce enforcing).
NOTE: To verify/query list of all the SELinux booleans for specific service run command below:
# semanage boolean -l | egrep "nfs|SELinux" (NOTE: For this example use_nfs_home_dirs is off meaning it is not SELinux Boolean is not set.)
# setsebool -P use_nfs_home_dirs 1
Confirm SELinux is set to "enforcing" with command below: