This document is standard doc, In our case everything works fine. but only problem we want to secure "su -" with PASSCODE, I agreed sudo su - will solve all problem, But i want to make it work when people do "su -" and they pass their password/passcode (just like sudo) There must be someway to do that.. not sure how. May be hack su.c source code On Mon, May 23, 2016 at 9:51 AM, Nick Owen <nowen@xxxxxxxxxxxxxxxx> wrote: > Perhaps disable su and force the use of sudo. Here's a tutorial on > adding 2 factor to sudo using pam-radius > https://www.wikidsystems.com/support/tutorials/how-to-setup-two-factor-authentication-for-both-linux-and-windows-administrators/ > (ignore the windows part). > > On Sat, May 21, 2016 at 1:55 PM, Satish Patel <satish.txt@xxxxxxxxx> wrote: >> Hello, >> >> /etc/pam.d/su use root password to escalate privilege but if we want >> to integrate it with securID auth or multi factor auth when what would >> be the approach (because root doesn't have RSA token) so how does user >> supply their tokenID. >> >> _______________________________________________ >> Pam-list mailing list >> Pam-list@xxxxxxxxxx >> https://www.redhat.com/mailman/listinfo/pam-list > > > > -- > Nick Owen -- WiKID Systems, Inc. > http://www.wikidsystems.com > Commercial/Open Source Two-Factor Authentication > http://twitter.com/wikidsystems | #wikid on freenode.net > Get our low-volume newsletter - Notices, updates : http://eepurl.com/zzUeP > > _______________________________________________ > Pam-list mailing list > Pam-list@xxxxxxxxxx > https://www.redhat.com/mailman/listinfo/pam-list _______________________________________________ Pam-list mailing list Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list