I have been trying for some time now to automate the install and configuration of RSA SecurID. This is the reference I have been using:
https://www.turbogeek.co.uk/how-to-install-rsa-authentication-in-linux/
It seems straightforward enough. I have an Ansible play within a role I use for state mgmt to handle the install and set up of RSA SecurID. Initially, I create the /var/ace directory and the file, sdopts.rec, echo'ing in the CLIENT_IP=.
In the next Ansible block, I pull down the rsa tarball, extract it, get the expect script, and run the install.
In the third Ansible block, I grab the sd_pam.conf (a J2 template), put it in /etc/ as /etc/sd_pam.conf, and then finally adjust the /etc/pam.d/sshd file, which for all intents and purposes looks fine. And, before any testing, I restart the sshd daemon.
I've tried to find a Galaxy role to compare my work to but no luck there. Does anyone have a reference to a working role?
Upon testing RSA, running ./acestatus is successful but ./acetest does fail. I have enabled tracelevel 8 on the logs and provided a location for the logs in /tmp/rsa.log. The RSA console does not show any hint of the test server(s) reaching out to it.
Adding on to this, $ ./acestatus is successful but $ ./acetest just hangs and eventually times out.
Tracing has been enabled at a level of 8
[thin] 11:03:14.660 File:acnetsub.c Line:550 # ReceiveServers():Receivefrom (10.x.x.x) at port 31765
[thin] 11:03:14.660 File:acnetsub.c Line:497 # CheckServerAddress: server 1 detected from address 10.x.x.x
[thin] 11:03:14.660 File:acnetsub.c Line:571 # message received did not decrypt ok, assume recv late
[thin] 11:03:14.661 File:acmgt.c Line:781 # DoSendsAndReceives: Comparing timelimit [1688659395] to time [1688659394]
[thin] 11:03:14.661 File:acmgt.c Line:765 # DoSendsAndReceives: Calling 'select' while waiting to receive packet
[thin] 11:03:19.666 File:acmgt.c Line:813 # DoSendsAndReceives: select error[0], netcount=1, maxretries=5.
Then it just repeats until it times out.
Thanks all.
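
A triage script for the trace format shown in the post, added here as an example and not part of the original post or of any RSA tooling. The function name and the sample text are assumptions: the sample reuses the post's message texts with a constructed documentation address, and the script only tallies what the trace says without inferring a cause.

```python
import re
from collections import Counter

# One trace line, in the shape shown in the post:
#   [thin] HH:MM:SS.mmm File:<source> Line:<n> # <message>
LINE_RE = re.compile(r"^\[\w+\]\s+(\d{2}:\d{2}:\d{2}\.\d{3})\s+"
                     r"File:(\S+)\s+Line:(\d+)\s+#\s+(.*)$")
ADDR_RE = re.compile(r"detected from address (\S+)")
SELECT_RE = re.compile(r"select error\[(-?\d+)\], netcount=(\d+), maxretries=(\d+)")

# Constructed sample: same message texts as the post, documentation address.
SAMPLE = """\
Tracing has been enabled at a level of 8
[thin] 11:03:14.660 File:acnetsub.c Line:497 # CheckServerAddress: server 1 detected from address 192.0.2.10
[thin] 11:03:14.660 File:acnetsub.c Line:571 # message received did not decrypt ok, assume recv late
[thin] 11:03:19.666 File:acmgt.c Line:813 # DoSendsAndReceives: select error[0], netcount=1, maxretries=5.
[thin] 11:03:19.700 File:acnetsub.c Line:497 # CheckServerAddress: server 1 detected from address 192.0.2.10
[thin] 11:03:19.700 File:acnetsub.c Line:571 # message received did not decrypt ok, assume recv late
[thin] 11:03:24.705 File:acmgt.c Line:813 # DoSendsAndReceives: select error[0], netcount=2, maxretries=5.
"""

def summarize_trace(text):
    """Tally decrypt failures per server address and select() results."""
    decrypt_failures, select_results = Counter(), Counter()
    last_server, last_netcount, max_retries, unparsed = None, None, None, 0
    for raw in text.splitlines():
        line = raw.strip()
        m = LINE_RE.match(line)
        if not m:
            unparsed += bool(line)  # banner or damaged lines, kept as a count
            continue
        msg = m.group(4)
        addr, sel = ADDR_RE.search(msg), SELECT_RE.search(msg)
        if addr:
            last_server = addr.group(1)
        elif "did not decrypt ok" in msg:
            # Attribute the failure to the most recently identified server.
            decrypt_failures[last_server or "unknown"] += 1
        elif sel:
            select_results[int(sel.group(1))] += 1
            last_netcount, max_retries = int(sel.group(2)), int(sel.group(3))
    return {"decrypt_failures": dict(decrypt_failures),
            "select_results": dict(select_results),
            "last_netcount": last_netcount, "max_retries": max_retries,
            "unparsed_lines": unparsed}

if __name__ == "__main__":
    print(summarize_trace(SAMPLE))
```

To use it on a real trace, pass the contents of the file configured as the trace destination (/tmp/rsa.log in the post) to summarize_trace().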