Issue with SSH access to Solaris via CA PAM 2.8.2

Document ID : KB000007014
Last Modified Date : 14/02/2018
Show Technical Document Details
Issue:

SSH access to Solaris via CA PAM 2.8.2 stops prior to the user login:

Cause:

This is a known issue with PAM 2.8.2 against older Solaris Operating System with SunSSH:

=================================================== 
SSH Connections Fail for Some Server DH Key Sizes (DE274103) 

Java currently only supports Diffie Hellman (DH) Key Agreement for key sizes that are multiples of 64 and in the range from 512 to 2048 (inclusive). As a result, if a server generates a DH key size that does not meet these criteria, Java throws an exception and the SSH connection fails. 
=================================================== 

Resolution:

The access issue caused by the previous fix will be addressed with CA PAM 2.8.3 release. 

When SSH access failed due to the DH key Size, PAM will retry with shorter length key size.