Authorizing Access via SSH Using PAM

book

Article ID: 36564

calendar_today

Updated On:

Products

CA Virtual Privilege Manager CA Privileged Identity Management Endpoint (PIM) CA Privileged Access Manager (PAM)

Issue/Introduction

Question:

Can I use the PAM stack on my native system to authorize which users are able to login successfully?

 

Answer: 

Yes, you can utilize the PAM stack on your native system ion conjunction with CA PIM.  PAM is a module that assists applications with authentication and security.
 
Open selang.
er LOGINAPPL SSH loginflags(PAMLOGIN)
Exit selang.
Edit seos.ini: set auth_login = pam
Perform another login.
 
Switching to PAMLOGIN:
---------------------
Open selang.
AC> er LOGINAPPL SSH loginflags(PAMLOGIN)
Exit selang.
Edit seos.ini: set auth_login = pam
Perform another login.
Attempt another sesudo execution. (Also "sesudo -list").

Environment

Release: ACP1M005900-12.9-Privileged Identity Manager
Component: