Successful SSH login attempts are not logged in /var/log/messages in Authentication Manager prior to 8.4
Originally Published: 2019-11-27
Article Number
Applies To
RSA Product/Service Type: Authentication Manager
RSA Version/Condition: 8.1.x, 8.2.x, 8.3.x
Issue
Cause
Resolution
To enable logging of successful SSH logins apply the following changes:
- Log On to the Appliance Operating System with SSH
- Change to root using the following command:
sudo su -
- Edit the file /etc/pam.d/common-session using the following command:
vim /etc/pam.d/common-session
- Press i to enter Insert mode.
- Add the following line to the end of the file:
session required pam_warn.so
- Press ESC to exit Insert mode.
- Save and exit by typing :wq!
- Repeat steps 1 - 7 on each RSA Authentication Manager instance, whether it is a primary or a replica, to log successful SSH authentication attempts for the instance.
Related Articles
Previewing Role changes prior to Applying those changes shows other incorrect/unrelated changes to the Role in RSA Identit… Number of Views Unable to start RSA ACE/Server services after stopping them when Quick Admin was used prior to stop Number of Views How to purge table data prior to version 7.0.1 in RSA Identity Governance & Lifecycle Number of Views EAP-TTLS Configuration Number of Views Cannot upload large files to Microsoft Internet Information Server (IIS) 6.0 when using client authentication Number of Views
Trending Articles
RSA Authentication Manager Patch Updates RSA SecurID Software Token 4.1.2 and 4.2.1 for Mac OS X displays: No token storage device was detected. Verify that the de… How to manipulate imported RSA SecurID Software Token(s) on an iPhone or iPad device RSA SecurID software token .sdtid file fails to import into RSA SecurID Software Token 5.0 for Windows Configuring a Checkpoint firewall to work with SecurID
Don't see what you're looking for?
