'su -' doesn't prompt for passcode on SUSE with PAM Agent
Originally Published: 2015-07-07
Article Number
Applies To
RSA Product/Service Type: Authentication Agent for PAM
RSA Version/Condition: 7.1
Platform: Linux
Platform (Other): null
O/S Version: Suse Linux
Issue
'su <username>' prompts for passcode as expected.
Confirmed /etc/pam.d/su is configured correctly as below.
#%PAM-1.0
#auth sufficient pam_rootok.so
#auth include common-auth
auth required pam_securid.so
account sufficient pam_rootok.so
account include common-account
password include common-password
session include common-session
session optional pam_xauth.so
Resolution
2. Edit /etc/pam.d/su-l file, comment all lines starting with auth and add the below line:
auth required pam_securid.so
Notes
The issue cannot be reproduced on RHEL.
Related Articles
How to su as root to a user account protected by securid without getting Passcode prompted. Number of Views 'su: cannot set user id: Resource temporarily unavailable' error when logging in to the Application Server as the Oracle u… Number of Views Configuring su on Red Hat Linux 4.0 does not work with RSA Authentication Agent for PAM Number of Views Error 'cannot set user id: Resource temporarily unavailable' while trying to login or su as user oracle in RSA Identity Go… Number of Views Empty Termination Change requests created for users that are deleted in RSA Governance & Lifecycle Number of Views
Trending Articles
Troubleshooting RSA SecurID Access Identity Router to RSA Authentication Manager test connection failures RSA SecurID Software Token 5.0.2 Downloads for Microsoft Windows RSA Authentication Manager 8.9 Release Notes (January 2026) Quick Setup Guide - Passwordless Authentication in Windows MFA Agent for Active Directory RSA Authentication Manager 8.8 Setup and Configuration Guide
Don't see what you're looking for?
