I updaed nsswitch.conf
[Sat Oct 30 20:04:07] [root@fsdm01/etc/pam.d$] cat /etc/nsswitch.conf | egrep -v ‘^$|^#’
passwd: sss files winbind systemd
group: sss files winbind systemd
netgroup: sss files
automount: sss files
services: sss files
shadow: files
hosts: files myhostname mdns4_minimal [NOTFOUND=return] resolve [!UNAVAIL=return] dns
aliases: files
ethers: files
gshadow: files
networks: files dns
protocols: files
publickey: files
rpc: files
[Sat Oct 30 20:04:34] [root@fsdm01/etc/pam.d$] su - redhat
Last login: Sat Oct 30 20:01:59 EDT 2021 on pts/1
Last failed login: Sat Oct 30 20:03:12 EDT 2021 from 10.0.0.19 on ssh:notty
There were 2 failed login attempts since the last successful login.
[redhat@fsdm01 ~]$ exit
logout
[Sat Oct 30 20:05:00] [root@fsdm01/etc/pam.d$] ssh redhat@localhost
redhat@localhost's password:
Permission denied, please try again.
redhat@localhost's password:
[Sat Oct 30 20:05:14] [root@fsdm01/etc/pam.d$] ssh redhat@fsdm01
The authenticity of host 'fsdm01 (10.0.0.17)' can't be established.
ED25519 key fingerprint is SHA256:P6OdlFJX1UOx7WcHd2LbBYAQG7BXq3dWiLgq8u8+03M.
This host key is known by the following other names/addresses:
~/.ssh/known_hosts:1: [hashed name]
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added 'fsdm01' (ED25519) to the list of known hosts.
redhat@fsdm01's password:
Permission denied, please try again.
redhat@fsdm01's password: