Hello MALLAYYA,
Please find the below installation and configuration details for the same.
bash-4.2# hostname
hostnameX
bash-4.2# date
Fri Jun 13 05:16:19 PDT 2025
bash-4.2# pwd
/tmp/FreeRadius
bash-4.2# ls -ltr
total 504
-rw-r--r-- 1 root system 188654 Jun 12 15:48 freeradius-pam-2.0.0-1.src.rpm
-rw-r--r-- 1 root system 64052 Jun 12 16:12 freeradius-pam-2.0.0-1.aix7.1.ppc.rpm
bash-4.2# rpm -ivh freeradius-pam-2.0.0-1.aix7.1.ppc.rpm
bash-4.2# ls -ltr /usr/lib/security/pam_radius_auth.so
-rwxr-xr-x 1 root system 133483 Mar 25 2022 /usr/lib/security/pam_radius_auth.so
bash-4.2#
Configuring pam
On the client Node, to configure the client to authenticate with the pam server the corresponding server node details have to be provided in the below file in the required format.
bash-4.2# cat /etc/raddb/server
10.210.128.14:1645 Unix-BigDog12! 60
10.209.211.22:1645 Unix-BigDog12! 60
172.23.36.4:1645 Unix-BigDog12! 60
bash-4.2#
# /etc/pam.conf "Added these new lines"
bash-4.2# tail -5f /etc/pam.conf
#SSHD
sshd auth sufficient /usr/lib/security/pam_radius_auth.so
sshd account required /usr/lib/security/pam_aix
sshd password required /usr/lib/security/pam_aix
sshd session required /usr/lib/security/pam_aix
bash-4.2#
# /etc/security/login.cfg "Changed the type of auth_type from STD_AUTH to PAM_AUTH"
bash-4.2# tail -8f /etc/security/login.cfg
usw:
shells = /bin/sh,/bin/bsh,/bin/csh,/bin/ksh,/bin/tsh,/bin/ksh93,/usr/bin/sh,/usr/bin/bsh,/usr/bin/csh,/usr/bin/ksh,/usr/bin/tsh,/usr/bin/ksh93,/usr/bin/rksh,/usr/bin/rksh93,/usr/sbin/uucp/uucico,/usr/sbin/sliplogin,/usr/sbin/snappd
maxlogins = 32767
logintimeout = 60
maxroles = 8
auth_type = PAM_AUTH
pwd_algorithm = ssha256
bash-4.2#
# /etc/ssh/sshd_config "Changed the below attributes"
PasswordAuthentication no
PermitEmptyPasswords no
UsePrivilegeSeparation no
ChallengeResponseAuthentication yes
UsePAM yes
Once the above changes are made, restarted the sshd service.
stopsrc -s sshd
startsrc -s sshd
Note: We have followed same process another servers also and it is working fine, but facing in in this server only.
Thanks & Regards,
Naresh Pulakandam
------------------------------
Naresh Pulakandam
------------------------------
Original Message:
Sent: Fri June 13, 2025 03:57 AM
From: Naresh Pulakandam
Subject: We are getting this "PAM: load_modules: can not open module /usr/lib/security/pam_radius_auth.so" error while trying to authenticate with MFA on AIX server.
We are getting this "PAM: load_modules: can not open module /usr/lib/security/pam_radius_auth.so" error while trying to authenticate with MFA on AIX server.
hostnameX auth|security:err|error sshd: PAM: load_modules: can not open module /usr/lib/security/pam_radius_auth.so
Thanks & Regards,
Naresh Pulakandam
------------------------------
Naresh Pulakandam
------------------------------