'su -' doesn't prompt for passcode on SUSE with PAM Agent
Originally Published: 2015-07-07
Article Number
Applies To
RSA Product/Service Type: Authentication Agent for PAM
RSA Version/Condition: 7.1
Platform: Linux
Platform (Other): null
O/S Version: Suse Linux
Issue
'su <username>' prompts for passcode as expected.
Confirmed /etc/pam.d/su is configured correctly as below.
#%PAM-1.0
#auth sufficient pam_rootok.so
#auth include common-auth
auth required pam_securid.so
account sufficient pam_rootok.so
account include common-account
password include common-password
session include common-session
session optional pam_xauth.so
Resolution
2. Edit /etc/pam.d/su-l file, comment all lines starting with auth and add the below line:
auth required pam_securid.so
Notes
The issue cannot be reproduced on RHEL.
Related Articles
How to su as root to a user account protected by securid without getting Passcode prompted. Number of Views Configuring su on Red Hat Linux 4.0 does not work with RSA Authentication Agent for PAM Number of Views 'su: cannot set user id: Resource temporarily unavailable' error when logging in to the Application Server as the Oracle u… Number of Views Error 'cannot set user id: Resource temporarily unavailable' while trying to login or su as user oracle in RSA Identity Go… Number of Views Empty Termination Change requests created for users that are deleted in RSA Governance & Lifecycle Number of Views
Trending Articles
RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide RSA Authentication Manager 8.9 Release Notes (January 2026) How to install the jTDS JDBC driver on WildFly for use with Data Collections in RSA Identity Governance & Lifecycle RSA Authentication Manager 8.8 Setup and Configuration Guide Artifacts to gather in RSA Identity Governance & Lifecycle
Don't see what you're looking for?
