SFTP connection failure due to endpoint

Article ID: 4879

Updated On:

Products

CA Virtual Privilege Manager, CA Privileged Identity Management Endpoint (PIM), CA Privileged Access Manager (PAM)

Issue/Introduction

When the PIM endpoint is running on Linux, users are unable to connect to the system over SFTP.

Cause

This can be caused by loginappl rules not having been created in selang or, more commonly, by the use of KBL (keyboard logging).

Environment

Release:
Component: SEOSU

Resolution

1. Check that the correct loginappl rule has been created in selang. It should look similar to the following rule.

(Please modify this rule to match the requirements for your environment)

editres LOGINAPPL ('SFTP') audit(FAILURE) comment('Predefined rule for Login application.') defaccess(EXECUTE) loginflags(NONE) loginmethod(NORMAL) loginseq(SGRP SUID) loginpath(PATH_for_env)

 

2. Keyboard logging is notorious for causing certain authentication issues because of how it collects input to the system. To correct the SFTP issue, disable KBL in the system's seos.ini file.

; --------------------------------------------------------------------
; Tokens used by the CA ControlMinder KBL logging facility
; --------------------------------------------------------------------

; Specifies whether CA ControlMinder enables KBL audit records management
; Values: yes, no
; Default: no
kbl_enabled = no
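
To confirm the setting from step 2 after the change, the following shell check reads the effective kbl_enabled value from a seos.ini-style file. This is an added example, not part of the original article or the product; the function names kbl_state and kbl_is_disabled are hypothetical, the file path is supplied by the caller, and the sample file is constructed. It assumes the token appears as a plain "kbl_enabled = value" line and that ";" starts a comment, as in the excerpt above.

```shell
#!/bin/sh
# Added example: report the effective kbl_enabled value in a seos.ini-style file.

# kbl_state FILE
# Prints "yes" or "no". Comment lines (starting with ';') are ignored, the last
# uncommented assignment wins, and a missing token falls back to the
# documented default "no".
kbl_state() {
    awk '
        /^[ \t]*;/ { next }                     # skip comment lines
        /^[ \t]*kbl_enabled[ \t]*=/ {
            sub(/^[^=]*=[ \t]*/, "")            # drop "kbl_enabled ="
            sub(/[ \t\r]+$/, "")                # drop trailing blanks and CR
            val = tolower($0)
        }
        END { print (val == "" ? "no" : val) }
    ' "$1"
}

# kbl_is_disabled FILE
# Succeeds (exit 0) only when keyboard logging is off in FILE.
kbl_is_disabled() {
    [ "$(kbl_state "$1")" = "no" ]
}

# Constructed sample: the excerpt above, but with KBL still switched on.
sample=$(mktemp)
cat > "$sample" <<'EOF'
; Specifies whether CA ControlMinder enables KBL audit records management
; Values: yes, no
; Default: no
kbl_enabled = yes
EOF

echo "kbl_enabled is: $(kbl_state "$sample")"
if kbl_is_disabled "$sample"; then
    echo "KBL is disabled"
else
    echo "KBL is still enabled; SFTP logins may keep failing"
fi
rm -f "$sample"
```
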