PAM Admin attempting to rotate the PAM Password via Job and/or the UI - however the password doesn't get rotated.

Privileged Access Manager, all versions

Inside  Tomcat Apache Logs - there is the following error:

INFO: jsch: password prompt: 'Password for <username>@<ip address>'

Sep 10, 2024 2:40:05 AM com.cloakware.cspm.server.plugin.SSHConnector$1 log

INFO: jsch: Login trials exceeds 1

Sep 10, 2024 2:40:05 AM com.cloakware.cspm.server.plugin.SSHConnector$1 log

INFO: jsch: Disconnecting from <ip address> port 22

The message:

INFO: jsch: Login trials exceeds 1

means inside  /etc/ssh/sshd_config -  probably have the following configured:

MaxAuthTries 1

==================================================

With this setting, if we try once to validate the password, before we rotate it - we will be logged out and won't be successful.

Increase this value to allow to validate a password and if incorrect -  can then rotate it.