PingID Administration Guide

Configuration example of PAM for AIX

This is an example configuration of PingID SSH for PAM on AIX.

About this task

This assumes that you specified --prefix=/usr in the configure command.

Steps

  1. Edit the /etc/security/login.cfg file and change this line near the bottom of the file.

    From:

    auth_type = STD_AUTH

    To:

    auth_type = PAM_AUTH
  2. Edit the /etc/pam.conf file as follows:

    Choose from:

    • To add MFA to SSH:Change the lines starting with sshd:

      From:

      sshd auth required pam_aix

      To:

      sshd auth requisite pam_aix
      sshd auth required /usr/lib/security/pam_pingid.so
    • To add MFA to SU: Change the lines starting with su:

      From:

      su auth sufficient pam_allowroot
      su auth required pam_aix

      To:

      su auth sufficient pam_allowroot
      su auth requisite pam_aix
      su auth required /usr/lib/security/pam_pingid.so