You can configure the behavior of the PingID SSH agent by modifying the configuration file.
The PingID SSH configuration file, pingid.conf, is usually located under /usr/etc/pingid.
The following table describes the configuration parameters and their valid and default values.
| Parameter | Description | Valid Values | Default Values |
|---|---|---|---|
| verbose |
Toggle extended logging. |
true, false | false |
| log_file |
Define a file name and path for the pingid log file. |
Full path of the log file. |
None. Messages are written to the system log. |
| policy_user_not_registered |
Set the policy for users that are not registered. |
|
register |
| domain_postfix |
The suffix to be appended to the user in cases where it should be registered with the full domain name. |
The domain suffix. For example, @example.com. |
None |
| max_prompts |
The maximum number of prompts the user can receive during the initial registration process. |
Any integer from 1 - 10. |
8 |
| fail_mode |
How to behave if the connection to the PingID service cannot be established. |
|
restrictive |
| proxy |
The URL of the http_proxy or the https_proxy. |
None |
|
| proxy_verify_cert (1)(2) |
See (2) below |
true, false | false |
| proxy_ca_file (1) |
Path to CA file |
Path to CA file |
Empty |
Notes to proxy items
- These configuration options take effect only when the
proxyoption is set. - If proxy_verify_cert is
- true then the SSH agent uses the default value for curl option: CURLOPT_SSL_VERIFYPEER
- false then the SSH agent uses 0 value for curl option: CURLOPT_SSL_VERIFYPEER