Successful SSH login attempts are not logged in /var/log/messages in Authentication Manager prior to 8.4
Originally Published: 2019-11-27
Article Number
Applies To
RSA Product/Service Type: Authentication Manager
RSA Version/Condition: 8.1.x, 8.2.x, 8.3.x
Issue
Cause
Resolution
To enable logging of successful SSH logins apply the following changes:
- Log On to the Appliance Operating System with SSH
- Change to root using the following command:
sudo su -
- Edit the file /etc/pam.d/common-session using the following command:
vim /etc/pam.d/common-session
- Press i to enter Insert mode.
- Add the following line to the end of the file:
session required pam_warn.so
- Press ESC to exit Insert mode.
- Save and exit by typing :wq!
- Repeat steps 1 - 7 on each RSA Authentication Manager instance, whether it is a primary or a replica, to log successful SSH authentication attempts for the instance.
Related Articles
Previewing Role changes prior to Applying those changes shows other incorrect/unrelated changes to the Role in RSA Identit… Number of Views Unable to start RSA ACE/Server services after stopping them when Quick Admin was used prior to stop Number of Views How to purge table data prior to version 7.0.1 in RSA Identity Governance & Lifecycle Number of Views Notification rule triggers daily for the same admin error in RSA Governance & Lifecycle Number of Views RSA SecurID token import via CT-KIP URL does not work using Authentication Manager Bulk Admin 1.6 on Authenitcation Manage… Number of Views
Trending Articles
Downloading RSA Authentication Manager license files or RSA Software token seed records RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide Quick Setup Guide - Passwordless Authentication in Windows MFA Agent for Active Directory Mandatory Certificate Upgrade Required by 6th October 2025 for RSA MFA Agent for PAM, RSA MFA Agent for Apache, and Third … RSA Authentication Manager 8.9 Release Notes (January 2026)
Don't see what you're looking for?
