AnsweredAssumed Answered

SSH_PROXY and SAM Terminal integration

Question asked by queju01 Employee on May 11, 2015
Latest reply on Jun 9, 2015 by musmo02

 

I’m testing SAM terminal integration in 12.9 and I found SSH_PROXY doesn’t work very well with it. Actually it just doesn’t work. It looks like AC is not recognizing SSH_PROXY sessions as automatic logins

 

So, here is the scenario:

 

  1. Setup an account to work with SAM terminal integration (for example: entmadm)

    At the endpoint level:

            exu entmadm pupm_flags(use_original_identity, required_checkout)

  2. SSH_PROXY

                Try to SSH_PROXY to the account

 

The login will be denied due to automatic login requirements:

Here is the seaudit -detail output:

 

 

11 May 2015 23:45:11 D LOGIN        entmadm               29 10 queju01-u146325.mylab.ca.com /usr/sbin/sshd

Event type: Login event

Status: Denied

User name: entmadm

Terminal: queju01-u146325.mylab.ca.com

Program: /usr/sbin/sshd

Date: 11 May 2015

Time: 23:45

Details: Automatic login is required for this account

User Logon Session ID: 5550bf06:00000125

Audit flags: AC database user

Outcomes