SSH login does not recognize on Solaris 11.4.

book

Article ID: 209856

calendar_today

Updated On:

Products

CA Privileged Access Manager - Server Control (PAMSC)

Issue/Introduction

After installation PAMSC 14.1 CP02, customer login system via SSH.  But LOGIN event does not appear in audit log.

Cause

The problem is 64 bit-specific and appeared only recently because now a 64-bit sshd is used on Solaris.

Environment

OS: Solaris 11.4

Product: Symantec Privileged Access Manager Server Control 14.1 CP2

Resolution

Change from PAMlogin to none at loginflags and loginseq(SGRP SEID) as following selang command:

PAMSC> er LOGINAPPL LIB_SSH loginflags(none) loginseq(SGRP SEID)

 

Additional Information

If loginseq does not change at change on loginflags, it appears 2 LOGIN event.  One is correct user and the other is root.

And then, this environment does not catch failed login.  So, serevu does not work.