This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements

SecurID® Knowledge Base

Find answers to your questions and identify resolutions for known issues with knowledge base articles written by SecurID experts.

Successful SSH login attempts are not logged in /var/log/messages in Authentication Manager prior to 8.4

Article Number

000038189

Applies To

RSA Product Set: SecurID
RSA Product/Service Type: Authentication Manager 
RSA Version/Condition: 8.1.x, 8.2.x, 8.3.x

Issue

Only failed SSH authentication login attempts are logged in the RSA Authentication Manager /var/log/messages logs.  Successful attempts are not logged.

Cause

RSA Authentication Manager 8.3 and earlier used older versions of SUSE Linux Enterprise Server as its operating system. The default behavior of older versions of SLES is to log only failed attempts.

Resolution

To enable logging of successful SSH logins apply the following changes:
  1. SSH into Authentication Manager.
  2. Change to root using the following command: 
    sudo su -
  3. Edit the file /etc/pam.d/common-session using the following command: 
    vim /etc/pam.d/common-session
  4. ​​​Press to enter Insert mode.
  5. Add the following line to the end of the file: 
    session required pam_warn.so
  6. Press ESC to exit Insert mode. 
  7. Save and exit by typing :wq!
  8. Repeat steps 1 - 7 on each RSA Authentication Manager instance, whether it is a primary or a replica, to log successful SSH authentication attempts for the instance.
0 Likes
Was this article helpful? Yes No
No ratings

In this article

Version history
Last update:
‎2020-12-12 12:39 PM
Updated by:
Administrator Administrator

Related Content

© 2022 RSA Security LLC or its affiliates. All rights reserved.