Password authentication fails for unchallenged users on AIX after changing to SHA256 password hashing when RSA Authentication Agent for PAM is installed
Originally Published: 2020-05-27
Article Number
Applies To
RSA Product/Service Type: Authentication Agent for PAM
Platform: IBM AIX
Issue
Cause
Resolution
Workaround
- Make a backup of /etc/sd/pam.conf.
- Open /etc/sd/pam.conf in a text editor.
- Change the following two settings from 0 to 1:
PAM_IGNORE_SUPPORT_FOR_USERS=1 PAM_IGNORE_SUPPORT=1
- Make a backup of /etc/pam.conf.
- Open /etc/pam.conf in a text editor.
- Edit the authentication modules for your protected service. Using SSH as an example:
sshd auth required pam_securid.so not_set_pass sshd auth required pam_aixNow unchallenged users can log in with their password with the new hashing algorithm. However, challenged users have to log in using their RSA passcode followed by their AIX password.
Notes
strings pam_securid.so | grep "Agent"
Related Articles
RSA SecurID Authentication Agent 8.1 for PAM Installation and Configuration Guide for AIX (Chinese) Number of Views RSA MFA Agent 9.0 for PAM - Installation and Configuration Guide for AIX (Chinese) Number of Views RSA MFA Agent 9.0 for PAM - Installation and Configuration Guide for AIX (Japanese) Number of Views RSA SecurID Authentication Agent 8.1 for PAM Installation and Configuration Guide for AIX (Japanese) Number of Views RSA SecurID Authentication Agent 8.1 for PAM Installation and Configuration Guide for Solaris (Chinese) Number of Views
Trending Articles
RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide RSA Release Notes for RSA Authentication Manager 8.8 RSA Authentication Manager 8.9 Release Notes (January 2026) Supported On-Demand Authentication (ODA) SMS providers for use with RSA Authentication Manager 8.x Deploying RSA Authenticator 6.2.2 for Windows Using DISM
Don't see what you're looking for?
