Can external access be given to PAM so we can patch, configure or upgrade it?

Release : Any supported PAM release as of Sep 2022

Component : PRIVILEGED ACCESS MANAGEMENT

Internal auditors want to know what version of the OS is, if it can be externally patched or upgraded.

• An SSH Debug Patch, which can be applied at any time without interrupting user activity
• An SSH Private Key file for use with a PuTTY client
• Activate "Remote CA PAM Debugging Services" on the Configuration > Diagnostics > System page.
• Use a PuTTY client to connect to the PAM appliance with the private key.
• Support will have to take control of the remote session. In addition to the private key a passphrase is required that Support cannot share with anyone outside of the PAM Support team.
• Once all work is completed, Support exits out of the PuTTY session.
• "Remote CA PAM Debugging Services" can be turned off to close the SSH port, if preferred.

Any vulnerability found in PAM is addressed with highest priority and will be included in hotfixes or maintenance releases as applicable.  If your internal security department thinks that there is a vulnerability in our appliance, then please open a support ticket and supply us the details.

Product Management has plans to upgrade the PAM operating system from Debian 9 to Debian 12, but they still don't know which version of PAM will have this upgrade (reference from Sep/2022)