'su -' doesn't prompt for passcode on SUSE with PAM Agent
Originally Published: 2015-07-07
Article Number
Applies To
RSA Product/Service Type: Authentication Agent for PAM
RSA Version/Condition: 7.1
Platform: Linux
Platform (Other): null
O/S Version: Suse Linux
Issue
'su <username>' prompts for passcode as expected.
Confirmed /etc/pam.d/su is configured correctly as below.
#%PAM-1.0
#auth sufficient pam_rootok.so
#auth include common-auth
auth required pam_securid.so
account sufficient pam_rootok.so
account include common-account
password include common-password
session include common-session
session optional pam_xauth.so
Resolution
2. Edit /etc/pam.d/su-l file, comment all lines starting with auth and add the below line:
auth required pam_securid.so
Notes
The issue cannot be reproduced on RHEL.
Related Articles
How to su as root to a user account protected by securid without getting Passcode prompted. Number of Views Configuring su on Red Hat Linux 4.0 does not work with RSA Authentication Agent for PAM Number of Views 'su: cannot set user id: Resource temporarily unavailable' error when logging in to the Application Server as the Oracle u… Number of Views Error 'cannot set user id: Resource temporarily unavailable' while trying to login or su as user oracle in RSA Identity Go… Number of Views Opening a Support Request with RSA Customer Support Number of Views
Trending Articles
RSA Authentication Manager Upgrade Process RSA Release Notes for RSA Authentication Manager 8.8 RSA RADIUS Server service failed to start in the RSA Authentication Manager 8.1 Operations Console Microsoft Entra ID External MFA - Relying Party Configuration Using OIDC - RSA Ready Implementation Guide RSA Release Notes: Cloud Access Service and RSA Authenticators
Don't see what you're looking for?
