'su -' doesn't prompt for passcode on SUSE with PAM Agent
Originally Published: 2015-07-07
Article Number
Applies To
RSA Product/Service Type: Authentication Agent for PAM
RSA Version/Condition: 7.1
Platform: Linux
Platform (Other): null
O/S Version: Suse Linux
Issue
'su <username>' prompts for passcode as expected.
Confirmed /etc/pam.d/su is configured correctly as below.
#%PAM-1.0
#auth sufficient pam_rootok.so
#auth include common-auth
auth required pam_securid.so
account sufficient pam_rootok.so
account include common-account
password include common-password
session include common-session
session optional pam_xauth.so
Resolution
2. Edit /etc/pam.d/su-l file, comment all lines starting with auth and add the below line:
auth required pam_securid.so
Notes
The issue cannot be reproduced on RHEL.
Related Articles
How to su as root to a user account protected by securid without getting Passcode prompted. Number of Views Configuring su on Red Hat Linux 4.0 does not work with RSA Authentication Agent for PAM Number of Views 'su: cannot set user id: Resource temporarily unavailable' error when logging in to the Application Server as the Oracle u… Number of Views Error 'cannot set user id: Resource temporarily unavailable' while trying to login or su as user oracle in RSA Identity Go… Number of Views RSA MFA Agent for PAM Platform Support Matrix Number of Views
Trending Articles
Downloading RSA Authentication Manager license files or RSA Software token seed records RSA Release Notes for RSA Authentication Manager 8.8 RSA Authentication Manager 8.9 Release Notes (January 2026) Download RSA SecurID Access Cloud User Event audit logs using Cloud Administration REST API CLU RSA SecurID Software Token 5.0.2 for Windows Desktop displays message after reboot due to roaming profile: No token stor…
Don't see what you're looking for?
