Versions Compared
compared with
Key
- This line was added.
- This line was removed.
- Formatting was changed.
On the Resource, you need to configure the trust to the Core and Idp web server certificate. You can check if the certificate is OK by running the command:
Code Block | ||
---|---|---|
| ||
$ curl https://pam.indeed-id.local |
Open the /etc/pamsu.conf file in any editor with root priveleges, specify the idp_url, api_url, log_path and log_level settings:
- idp_url - idp URL address
- api_url - core URL address
- log_path - path to the folder with log files
- log_level - logging level, can be INFO, WARN, ERROR, FATAL
Code Block | ||
---|---|---|
| ||
Set idp_url https://pam.indeed-id.local/pam/idp Set api_url https://pam.indeed-id.local/pam/core Set log_path /var/log Set log_level INFO |
On some Linux systems, the ssh server does not allow the LC_ * environment variables by default. For the application to work correctly, add the line AcceptEnv LC_PAM_USER LC_PAM_SESSION_ID (or LC_*) in the /etc/ssh/sshd_config file.
Note | ||
---|---|---|
| ||
To allow the execution of the pamsu command, you must enable the Allow run pamsu option in the SSH section in the policy. |