|Applies To||RSA Product Set: SecurID|
RSA Product/ Service Type: Authentication Manager
RSA Version/Condition: 8.x
|Issue||Trying to secure the gnome-screensaver on Redhat 6 machine to use the Securid Pam module,|
After editing gnome-screensaver to use "pam_securid" module as the as the following:
[root@rh64-pam71-1 var]# cat /etc/pam.d/gnome-screensaver
The screensaver page on the Redhat sever is not load the authentication prompt of RSA and keep flashing,
On another Redhat server the authentication page is loading, user enter the correct credentials but get authentication failed, and on the RSA AM server the authentication activity monitor shows "Node Secret verification" error message.
|Cause||The ace directory which contains the node secret has restricted permissions. As a result, the node secret cannot be read during the authentication via gnome-screensaver.|
|Resolution||You will need to give the ace directory full permissions to read, write and execute for the owner, group and others group.|
#chmod 777 ace
The sdconf.rec and securid (node secret) files both need to have the read permissions for the other groups.
Give the ace directory the full permissions to read, write and execute:
chmod 777 /var/ace
To give the sdconf.rec and securid (node secret) files the needed permissions , execute the following command:
chmod a+r /var/ace/sdconf.rec /var/ace/securid