Post successful connection to RHEL9 with SecureCRT the related password is not transparently injected (meaning user is being prompted to provide the password for su-)
search cancel

Post successful connection to RHEL9 with SecureCRT the related password is not transparently injected (meaning user is being prompted to provide the password for su-)

book

Article ID: 271175

calendar_today

Updated On:

Products

CA Privileged Access Manager (PAM)

Issue/Introduction

The issue in this case is post successful connection to RHEL 9, the password does not seem to be Transparently injected. The user is prompted to provide the Password.

We can see in the ssh_proxy logs that PAM is waiting for something to complete the password injection

2023-07-14 17:10:06 3239858 alert 1 message Warning: you are being monitored by PAM
2023-07-14 17:10:10 3239858 enable command [su -]
2023-07-14 17:10:10 3239858 enable-style command /usr/bin/php /sbin/SshProxySecondaryLogin.php 20 3904001
2023-07-14 17:10:10 3239858 triggering enable(su -) as root

Aditionally the issue only seems to affect the TCP/UDP services using the ssh_proxy for tools like Putty and SecureCRT so the mindterm built in applet works fine

 

Environment

Release : up to 4.1

Resolution

A patch or update to the PAM versions 4.1.3 and below is required for this to work since modifications to the PAM code are required for RHEL 9 

Powered by Wolken Software