Page created: 29 Oct 2020 |
Page updated: 14 Dec 2020
This is an example configuration of PingID SSH for PAM on HP-UX.
Note: This assumes that you specified
--prefix=/usr/localin the configure command.
- Create a backup of the common PAM configuration file, /etc/pam.conf.
Edit the /etc/pam.conf file as follows:
- To add MFA to SSH: Change the lines starting with
sshd auth required libpam_hpsec.so.1 sshd auth required libpam_unix.so.1
sshd auth required libpam_hpsec.so.1 sshd auth required /usr/lib/security/pam_pingid.so
- Apply PingID to SSH by editing the sshd_config
sudo vi /opt/ssh/etc/sshd_config
- Set UsePAM to ‘yes’, ChallengeResponseAuthentication to ‘yes’ and PasswordAuthentication to ‘no’.
- Configure PAM for public key authentication by adding the following line to the SSHD
AuthenticationMethods publickey,keyboard-interactiveNote:To check the OpenSSH version, run
- Restart the sshd
sudo /sbin/init.d/secsh stop sudo /sbin/init.d/secsh start
- Apply PingID to SSH by editing the sshd_config file:
- To add MFA to SU: Change the lines starting with
su auth required libpam_hpsec.so.1 bypass_setaud su auth required libpam_unix.so.1
su auth required libpam_hpsec.so.1 bypass_setaud su auth requisite libpam_unix.so.1 su auth required /usr/lib/security/pam_pingid.so
- To add MFA to SSH: Change the lines starting with sshd: