SFTP connection failure due to endpoint

Document ID : KB000004879
Last Modified Date : 14/02/2018
Issue:

When the PIM endpoint is running on Linux, users are unable to connect to the system over SFTP.

Cause:

This can be caused by the LOGINAPPL rule for SFTP not having been created in selang or, more commonly, by the use of KBL (keyboard logging).

Resolution:

1. Check that the correct LOGINAPPL rule has been created in selang. It should look similar to the following rule.

(Please modify this rule to match the requirements for your environment)

editres LOGINAPPL ('SFTP') audit(FAILURE) comment('Predefined rule for Login application.') defaccess(EXECUTE) loginflags(NONE) loginmethod(NORMAL) loginseq(SGRP SUID) loginpath(PATH_for_env)

 

2. Keyboard logging is notorious for causing certain authentication issues because of how it collects input to the system. To correct the SFTP issue, disable KBL in the system's seos.ini file.

; --------------------------------------------------------------------
; Tokens used by the CA ControlMinder KBL logging facility
; --------------------------------------------------------------------

; Specifies whether CA ControlMinder enables KBL audit records management
; Values: yes, no
; Default: no
kbl_enabled = no
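
To confirm the setting on an endpoint, the following added example (not part of the original article or of the product) reads a seos.ini file and reports the effective kbl_enabled value, treating a missing token as the documented default of no. The function names and the sample file are constructed for illustration; pass the seos.ini location used by your installation.

```shell
#!/bin/sh
# Added example: report the effective kbl_enabled value from a seos.ini file.
# kbl_state and kbl_disabled are hypothetical helper names, not product commands.

# Print "yes" or "no" for the file given as $1.
kbl_state() {
    [ -r "$1" ] || { echo "cannot read $1" >&2; return 2; }
    awk '
        /^[ \t]*;/ { next }                 # ";" starts a comment line
        /^[ \t]*kbl_enabled[ \t]*=/ {
            sub(/^[^=]*=[ \t]*/, "")        # drop "kbl_enabled ="
            sub(/[ \t\r]+$/, "")            # drop trailing blanks / CR
            val = tolower($0)               # assumption: last assignment wins
        }
        END { print (val == "" ? "no" : val) }   # documented default: no
    ' "$1"
}

# Succeed only when KBL is disabled in the file given as $1.
kbl_disabled() {
    [ "$(kbl_state "$1")" = "no" ]
}

# Demo on a constructed sample file (not a real endpoint configuration).
sample=$(mktemp)
cat > "$sample" <<'EOF'
; Specifies whether CA ControlMinder enables KBL audit records management
; Values: yes, no
; Default: no
kbl_enabled = yes
EOF
if kbl_disabled "$sample"; then
    echo "KBL is disabled"
else
    echo "KBL is enabled: set kbl_enabled = no to resolve the SFTP issue"
fi
rm -f "$sample"
```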