Comment 2 for bug 1999884

Some additional information.

Authenticating with a password, then running kinit -X in a privileged terminal window DOES work, everything matches and I get a kerberos ticket.

Deleting everything from the YubiKey and issuing a brand new certificate (instead of having 2 on the key) also doesn't work.

sssd_authenticate.me.uk.log doesn't show any errors and does not update when using tail -f during authentication

sssd_pam.log doesn't show any errors and does not update when using tail -f during authentication

p11_child.log shows informational events when selecting the certificate, no errors shown.

krb5_child.log (which I have attached) shows no errors until I cancel the password prompt.

auth.log contains only two lines and this occurs after I type the PIN and press enter:

Dec 16 13:47:42 ubu2210 gdm-smartcard]: pam_sss(gdm-smartcard:auth): received for user <email address hidden>: 7 (Authentication failure)
Dec 16 13:47:42 ubu2210 gdm-smartcard]: gkr-pam: no password is available for user

kern.log shows no errors (apparmor ALLOWED on all requests)

syslog shows no errors I can spot. This will be attached on the next comment.