Product Documentation

Configuring PAM for use with TrustKey

When a site requires Administrators to authenticate to a credential on the console of the Tellaro appliance, StrongKey supports the use of MFA by configuring the Pluggable Authentication Module (PAM) in Linux to support this capability. This section describes how to to configure PAM for use with TrustKey’s TrustKey G310 Security Key on the Rocky 9.1-Rocky 9.3 operating system.

 

Prerequisites 

Component

Version

Operating System

Rocky Linux 9.1

Kernel

5.14.0-162.6.1.el9_1.x86_64

 

FIDO Clients and Libraries

Version

pam-u2f

1.3.0

pamu2fcfg

1.3.0

libcbor

0.10

libfido2

1.12

 

Configuring the Security Keys
The following sections describe how to configure the Idem Key Plus for use as a second factor to authenticating to a privileged credential on the Tellaro Console by assigning a PIN to it. This is only required if you want to enforce PIN for Linux login.