Failing to connect to AIX on PAM 2.8.3
Article ID: 103371
Updated On:
Products
CA Privileged Access Manager - Cloakware Password Authority (PA)
PAM SAFENET LUNA HSM
CA Privileged Access Manager (PAM)
Issue/Introduction
Customer upgraded AIX to 7.2
PAM is also upgraded to 2.8.3
They are having issues in verifying and changing password for accounts that requires the follow settings. (Change on Behalf with Update/Verify Credentials Script enabled)
From the tomlogs (7.2AIX), it shows this error message
WARNING: **** ACCOUNT VERIFICATION FAILED: targetAccount ID: 1125' due to 'Error Code: 15212
PAM is also upgraded to 2.8.3
They are having issues in verifying and changing password for accounts that requires the follow settings. (Change on Behalf with Update/Verify Credentials Script enabled)
From the tomlogs (7.2AIX), it shows this error message
WARNING: **** ACCOUNT VERIFICATION FAILED: targetAccount ID: 1125' due to 'Error Code: 15212
Environment
PAM 2.8.3 (upgraded from PAM 2.6.x)
AIX 7.2
AIX 7.2
Resolution
Secure connection could not be established from PAM to AIX, as a result the password verification could not be performed.
Caused by: com.jcraft.jsch.JSchException:
Algorithm negotiation fail at com.jcraft.jsch.Session.receive_kexinit(Session.java:582)
at com.jcraft.jsch.Session.connect(Session.java:320)
at com.jcraft.jsch.Session.connect(Session.java:183)
at com.cloakware.cspm.server.plugin.SSHConnector.connect(SSHConnector.java:113)
The issue is resolved after applying PAM 2.8.3.16
Caused by: com.jcraft.jsch.JSchException:
Algorithm negotiation fail at com.jcraft.jsch.Session.receive_kexinit(Session.java:582)
at com.jcraft.jsch.Session.connect(Session.java:320)
at com.jcraft.jsch.Session.connect(Session.java:183)
at com.cloakware.cspm.server.plugin.SSHConnector.connect(SSHConnector.java:113)
The issue is resolved after applying PAM 2.8.3.16
Feedback
Powered by
