Comment 6 for bug 2037321

> Without this passwordless login using GSSAPI via SSH is not possible to a Ubuntu 22.04 machine.

This is not entirely true. We have tests that attempt this login and they pass just fine. There is some other detail that is missing. I'll read up in more detail on what the sssd_krb5_localauth_plugin.so plugin does. The upstream bug also had in one of the comments confirmation that a ~/.k5login file with the name of the principal would allow login to work, which tells me some sort of mapping between the username of the ssh command (which can have @DOMAIN components) and the local username is missing, and that plugin might be responsible for it.