Hi Hrithik,
Its related to MFA authentication using free-radius configuration.
bash-4.2# pwd
/tmp/FreeRadius
bash-4.2# ls -ltr
total 504
-rw-r--r-- 1 root system 188654 Jun 12 15:48 freeradius-pam-2.0.0-1.src.rpm
-rw-r--r-- 1 root system 64052 Jun 12 16:12 freeradius-pam-2.0.0-1.aix7.1.ppc.rpm
bash-4.2# rpm -ivh freeradius-pam-2.0.0-1.aix7.1.ppc.rpm
bash-4.2# ls -ltr /usr/lib/security/pam_radius_auth.so
-rwxr-xr-x 1 root system 133483 Mar 25 2022 /usr/lib/security/pam_radius_auth.so
bash-4.2#
Configuring pam
On the client Node, to configure the client to authenticate with the pam server the corresponding server node details have to be provided in the below file in the required format.
bash-4.2# cat /etc/raddb/server
10.210.128.14:1645 Unix-BigDog12! 60
10.209.211.22:1645 Unix-BigDog12! 60
172.23.36.4:1645 Unix-BigDog12! 60
bash-4.2#
# /etc/pam.conf "Added these new lines"
bash-4.2# tail -5f /etc/pam.conf
sshd auth sufficient /usr/lib/security/pam_radius_auth.so
sshd account required /usr/lib/security/pam_aix
sshd password required /usr/lib/security/pam_aix
sshd session required /usr/lib/security/pam_aix
bash-4.2#
# /etc/security/login.cfg "Changed the type of auth_type from STD_AUTH to PAM_AUTH"
bash-4.2# tail -8f /etc/security/login.cfg
usw:
shells = /bin/sh,/bin/bsh,/bin/csh,/bin/ksh,/bin/tsh,/bin/ksh93,/usr/bin/sh,/usr/bin/bsh,/usr/bin/csh,/usr/bin/ksh,/usr/bin/tsh,/usr/bin/ksh93,/usr/bin/rksh,/usr/bin/rksh93,/usr/sbin/uucp/uucico,/usr/sbin/sliplogin,/usr/sbin/snappd
maxlogins = 32767
logintimeout = 60
maxroles = 8
auth_type = PAM_AUTH
pwd_algorithm = ssha256
bash-4.2#
# /etc/ssh/sshd_config "Changed the below attributes"
PasswordAuthentication no
PermitEmptyPasswords no
UsePrivilegeSeparation no
ChallengeResponseAuthentication yes
UsePAM yes
Once the above changes are made, restarted the sshd service.
stopsrc -s sshd
startsrc -s sshd
Note: We have followed same process another servers also and it is working fine, but facing in in this server only.
Thanks & Regards,
Sirisha.
Original Message:
Sent: 6/19/2025 1:54:00 AM
From: Hrithik Govardhan
Subject: RE: sshd: PAM: load_modules: can not open module /usr/lib/security/pam_radius_auth.so
Hi Sirisha- Unfortunately, I would need more details on the client side application you are trying to install - this module is not part of the PowerSC MFA installer - is this another product that you are testing?
------------------------------
Hrithik Govardhan
Senior Engineer
Rocket Software
MN
------------------------------
Original Message:
Sent: Wed June 18, 2025 01:02 PM
From: SIRISHA BEZAWADA
Subject: sshd: PAM: load_modules: can not open module /usr/lib/security/pam_radius_auth.so
hi Hrithik,
could you please see my query and share your response.
------------------------------
SIRISHA BEZAWADA
Original Message:
Sent: Mon June 16, 2025 01:34 PM
From: Hrithik Govardhan
Subject: sshd: PAM: load_modules: can not open module /usr/lib/security/pam_radius_auth.so
Hi Sirisha, any more context on what you're trying to do, what product is responsible for this module, etc?
------------------------------
Hrithik Govardhan
Senior Engineer
Rocket Software
MN
Original Message:
Sent: Fri June 13, 2025 12:32 PM
From: SIRISHA BEZAWADA
Subject: sshd: PAM: load_modules: can not open module /usr/lib/security/pam_radius_auth.so
sshd: PAM: load_modules: can not open module /usr/lib/security/pam_radius_auth.so
------------------------------
SIRISHA BEZAWADA
------------------------------