[unisog] RSA SecurID with ESX

Jenkins, Matthew mjenkins7 at fairmontstate.edu
Wed Apr 12 23:20:37 GMT 2006

I thought about authenticating against the SecurID server using RADIUS.  Has anyone had any luck getting ESX to work with a RADIUS server?  The ESX distribution does not seem to include a RADIUS PAM module.  I am glad to hear I am not the only person having problems.  I called RSA but they did not want to support the Unix agent.  ESX is of no help at all, despite what the problem is.  Their support still has not called or e-mailed me back, despite us having 8x5 support.


From: unisog-bounces at lists.sans.org on behalf of Bruce Hudson
Sent: Wed 4/12/2006 4:41 PM
To: unisog at lists.sans.org
Subject: Re: [unisog] RSA SecurID with ESX

> Has anyone successfully gotten the SecurID Unix agent working with the
> ESX web login (vmware-authd)?  It seems to work fine with sshd; however,
> I can't seen to get it working with the ESX web console.  I also wasn't
> successful getting it working with local login.  It authenticates the
> user, however, the session immediately logs out after I attempt to login
> to the local console.  Thanks,

    We use a locally written PAM client for SecurID. When we looked at
Redhat AS4, we got the same problem described above -- clients would be
authenticated but then the session would immediately terminate. I think
the problem was related to conflicts with the threading support that came
with the 2.6 Linux kernel. I am not sure what ESX is based on but it may
be the same problem.
Bruce A. Hudson                         | Bruce.Hudson at Dal.CA
UCIS, Networks and Systems              |
Dalhousie University                    |
Halifax, Nova Scotia, Canada            | (902) 494-3405
unisog mailing list
unisog at lists.sans.org

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/ms-tnef
Size: 5082 bytes
Desc: not available
Url : http://www.dshield.org/pipermail/unisog/attachments/20060412/18ff2a59/attachment.bin

More information about the unisog mailing list