When using CA PAM to rotate the passwords of CISCO switch accounts by using a UNIX connector, the following error is observed by the hundreds in he CISCO logs
"error: protocol identification string lack carriage return"
This seems to be caused by a bug in Java Secure Channel
CA PAM 4.0.1.164
This is indeed a bug detected in jsch versions prior to 0.1.69
jsch is one of the third party components as stated in the following reference
Versions of PAM after 4.0.1.164, already contain a jsch version which is at or above 0.1.69, so the solution is to upgrade PAM to a later version
To check the versions of third-party components shipped with PAM, please consult
For version 4.0.1 and equivalent url for other versions of the product