ConfD User Community

PAM authentication

Hi,
I want to enable PAM authentication for Confd. The same shall be used for any access to Confd and there should be no Local Authentication allowed. How can I do that?

Thanks!

Regards,
Ankit

See the ConfD User Guide, chapter “AAA Infrastructure”, section “Authentication”; there is a paragraph dedicated to PAM authentication, but you may need to read other parts too.

Hi Martin,

Thanks for the inputs.
Actually I have read them and tried implementing the same by removing users and groups from aaa_init.xml and enabling PAM in confd.conf, but somehow still access is being granted to confd_cli and other remote access.
In there any way by which I can confirm if I have configured PAM correctly or not.

Regards,
Ankit

confd_cli skips authentication, if it is invoked from the command line - see man confd_cli. What other remote access methods are ignoring that?

Important AAA-related stuff is logged into the audit log file.