Unable to Create an SSH Service for the Attachmate Extra client

book

Article ID: 209958

calendar_today

Updated On:

Products

CA Privileged Access Manager (PAM)

Issue/Introduction

We configured a TCP/UDP service launching an Attachmate Extra client to connect to an AIX server via SSH. The Client Application string is "extra <config file>", where <config file> points to a configuration file that instructs the Extra client to connect to the local IP and local port configured in the TCP/UDP service in PAM via SSH. We know this works, because the connection is successful when we choose application protocol Disabled in the TCP/UDP service. But that setting does not allow us to record the session. When we set the application protocol to SSH, the connection does not work.

Cause

The SSH proxy log on the PAM server rejected the connection from the SSH client, because the client did not provide a properly terminated version string. It turned out that an old Extra client version with a correspondingly old SSH 1 client was used.

Environment

Release : 3.4

Component : PRIVILEGED ACCESS MANAGEMENT

Resolution

Upgrading the Extra client to a recent version resolved the problem