Thanks to Sumit's help, I was finally able to identify the cause of the
login failure.
The default shell for the user was set to /usr/bin/zsh on the FreeIPA
server. But since zsh is not installed by default on a new Pop OS
installation, sshd was sending a dummy password to sssd. Installing zsh
resolved the issue for me.
In case someone else finds it useful, I am sharing the comment from Sumit
that helped identify the problem.
thanks, it looks like this is a feature of sshd. If sshd thinks the user
is invalid or not allowed to log in it sends a dummy password
looking
like the one from the strace to mitigate timing attacks.
It looks like you are trying to log in with the short name
'<redacted_username>'. Can you send the output of
getent passwd <redacted_username>