Created attachment 874619 [details]
screenshot of the client's access denied

## Observation

openQA test in scenario sle-15-SP5-Server-DVD-Updates-x86_64-fips_tests_crypt_krb5_client@64bit fails in
[krb5_crypt_nfs_client](https://openqa.suse.de/tests/14184233/modules/krb5_crypt_nfs_client/steps/27)

## Test suite description
Testsuite maintained at https://gitlab.suse.de/qe-security/osd-sle15-security.


## Reproducible

Fails since (at least) Build [20240430-1](https://openqa.suse.de/tests/14179718)


## Expected result

Last good: [20240429-1](https://openqa.suse.de/tests/14173907) (or more recent)


## Further details

Always latest result in this scenario: [latest](https://openqa.suse.de/tests/latest?arch=x86_64&distri=sle&flavor=Server-DVD-Updates&machine=64bit&test=fips_tests_crypt_krb5_client&version=15-SP5)


did some experiments and reported more info in the ticket:
https://progress.opensuse.org/issues/159531


- NFS mount with sec=sys is fine, with sec=krb5 gives access denied
- clock syncing seems not an issue, tried also force syncing 
- forcing crypto algorithm="aes256-cts-hmac-sha384-192" fails as well
- same test on 15SP4 passes 
- the test fails also in non-FIPS mode

package versions:

PASS
kernel-5.14.21-150400.24.116-default
krb5-1.19.2-150400.3.9.1
krb5-server-1.19.2-150400.3.9.1
krb5-client-1.19.2-150400.3.9.1
nfs-client-2.1.1-150100.10.37.1

FAIL
kernel-5.14.21-150500-55.59-default
krb5-1.20.1-150500.3.6.1
krb5-server-1.20.1-150500.3.6.1
krb5-client-1.20.1-150500.3.6.1
nfs-client-2.1.1-150500.22.3.1