Password authentication fails for unchallenged users on AIX after changing to SHA256 password hashing when RSA Authentication Agent for PAM is installed
Originally Published: 2020-05-27
Article Number
Applies To
RSA Product/Service Type: Authentication Agent for PAM
Platform: IBM AIX
Issue
Cause
Resolution
Workaround
- Make a backup of /etc/sd/pam.conf.
- Open /etc/sd/pam.conf in a text editor.
- Change the following two settings from 0 to 1:
PAM_IGNORE_SUPPORT_FOR_USERS=1 PAM_IGNORE_SUPPORT=1
- Make a backup of /etc/pam.conf.
- Open /etc/pam.conf in a text editor.
- Edit the authentication modules for your protected service. Using SSH as an example:
sshd auth required pam_securid.so not_set_pass sshd auth required pam_aixNow unchallenged users can log in with their password with the new hashing algorithm. However, challenged users have to log in using their RSA passcode followed by their AIX password.
Notes
strings pam_securid.so | grep "Agent"
Related Articles
Configure Device Registration for a Risk-Based Authentication Policy Number of Views Upgrading the Internal SecurID Authentication Manager 8.6 Certificates to SHA-256 Number of Views Cannot open client.pdf file found on ACE/Agent CD \aceclnt\nt_i386\client.pdf Number of Views Delete a Software Token Profile Number of Views Duplicate a Software Token Profile Number of Views
Trending Articles
RSA Authentication Manager 8.9 Release Notes (January 2026) RSA announces the availability of the RSA SecurID Hardware Appliance 230 based on the Dell PowerEdge R240 Server How to troubleshoot Oracle database ORA-04030 errors in RSA Identity Governance & Lifecycle RSA Authentication Manager Upgrade Process Microsoft SQL Server Collectors can no longer connect to the SQL Server database after upgrade to Microsoft SQL Server 201…
Don't see what you're looking for?
