I'm using the RSA PAM SecurID module (5.0). It authenticates users just fine, but when a token gets into new pin mode or next token mode the user does not get the prompts just a NAK. Does anyone have any experience with this?
My configuration:
radius auth required /usr/lib/security/$ISA/pam_securid.so debug
radius account required /usr/lib/security/$ISA/pam_securid.so debug
radius password required /usr/lib/security/$ISA/pam_sample.so.1
I've never used pam_securid, but should this not point to pam_securid too? It "new pin" or "next token" modes sound like they would map onto pam_chauthtok, which is what this is.
radius session required /usr/lib/security/$ISA/pam_sample.so.1
-- Darren Tucker (dtucker at zip.com.au) GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69 Good judgement comes with experience. Unfortunately, the experience usually comes from bad judgement.
_______________________________________________ Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list
