Note: This assumes that you specified --prefix=/usr in the configure command.
  1. Edit the relevant PAM conf file.
    sudo vi /etc/pam.d/system-auth
  2. Replace this line:
    auth      sufficient nullok try_first_pass
    with these lines:
    auth      requisite nullok try_first_pass
    auth      sufficient
  3. Apply PingID to SSH by editing the sshd_config file:
    1. Run
      sudo vi /etc/ssh/sshd_config
    2. Set the following parameters:
      • usePAM to yes
      • ChallengeResponseAuthentication to yes
      • PasswordAuthentication to no
  4. Configure PAM for public key authentication by adding the following line to the SSHD configuration file, sshd_config.
    AuthenticationMethods publickey,keyboard-interactive

    Remove from the PAM configuration for SSHD, to prevent display of a password prompt for the keyboard-interactive authentication method.


    PAM authentication is supported for SSHD with public key authentication, only when using OpenSSH 6.2 and later.

    To check the OpenSSH version, run ssh -V.

  5. Restart the sshd service.

    sudo service sshd restart