I am attempting to get our RSA SecurID tokens working in CentOS:

http://www.rsa.com/node.aspx?id=1177

Has anyone had any experience with this? I know CentOS is not supported but one would think that it could be easily implemented...

Here's the error I'm receiving:

May 13 10:26:21 sshd[1662]: @(#)RSA Authentication Agent 5.3 for PAM [263]
May 13 10:26:21 sshd[1662]: Entered pam_sm_authenticate
May 13 10:26:21 sshd[1662]: Entered iReadPAMConfigFile
May 13 10:26:21 sshd[1662]: VAR_ACE is /var/ace
May 13 10:26:21 sshd[1662]: ENABLE_GROUP_SUPPORT is 0
May 13 10:26:21 sshd[1662]: INCL_EXCL_GROUPS is 0
May 13 10:26:21 sshd[1662]: Adding ::other:: to list of groups
May 13 10:26:21 sshd[1662]: Adding ::wheel:: to list of groups
May 13 10:26:21 sshd[1662]: Adding ::eng:: to list of groups
May 13 10:26:21 sshd[1662]: Adding ::othergroupnames:: to list of groups
May 13 10:25:21 sshd[1662]: Adding ::testing:: to list of groups
May 13 10:26:21 sshd[1662]: Number of groups is 4
May 13 10:26:21 sshd[1662]: AUTH_CHALLENGE_USERNAME_STR
May 13 10:26:21 sshd[1662]: AUTH_CHALLENGE_RESERVE_REQUEST_STR
May 13 10:26:21 sshd[1662]: AUTH_CHALLENGE_PASSCODE_STR
May 13 10:26:21 sshd[1662]: AUTH_CHALLENGE_PASSWORD_STR
May 13 10:26:21 sshd[1662]: iReadPAMConfigFile: Returning success.
May 13 10:26:21 sshd[1662]: Entered PAM:InitSecurID
May 13 10:26:21 sshd[1662]: ace_dir_env is VAR_ACE=/var/ace
May 13 10:26:21 sshd[1662]: AceInitialize failed
May 13 10:26:21 sshd[1662]: Reserve password not allowed by RSA SecurID module
May 13 10:26:21 sshd[1662]: Failed password for apace from 192.168.5.201 port 60353 ssh2

[root@snorlax bin]# ./acestatus

Error can't connect to ACE/Server

[root@snorlax bin]# ./acetest

AceInitialize failed
[root@snorlax bin]#

RSA is no help since it's not a RHEL box :( The PAM module installs fine, but I see no communication between the server and the RSA Appliance!
--
Andy Pace
apace@singlehop.com