Skip to content

ac3cloud/evanstucker-rsa_securid_auth_agent_for_pam

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

24 Commits
examples
examples
 
 
files
files
 
 
manifests
manifests
 
 
spec
spec
 
 
.gitignore
.gitignore
 
 
Gemfile
Gemfile
 
 
Gemfile.lock
Gemfile.lock
 
 
README.md
README.md
 
 
Rakefile
Rakefile
 
 
metadata.json
metadata.json
 
 

Repository files navigation

rsa_securid_auth_agent_for_pam

Table of Contents

  1. Description
  2. Usage - Configuration options and additional functionality
  3. Reference - An under-the-hood peek at what the module is doing and how
  4. Limitations - OS compatibility, etc.
  5. Development - Guide for contributing to the module

Description

Trying to puppetize proprietary products is a terrible and thankless task - particularly ones with interative install scripts... Regardless, I was disappointed that no Puppet module existed to configure RSA Authentication Agent for PAM, so I present you with this pitiful module. This is basically just a puppetization of the instructions found here:

https://community.rsa.com/docs/DOC-39959

Usage

  1. Open up the appropriate ports in your firewalls and/or security groups. I had to open 5500 UDP and 5550 TCP.

  2. Download the agent, PAM-Agent_v7.1.0.1.16.05_06_13_02_04_01.tar, from here:

    https://community.rsa.com/docs/DOC-61994

  3. Create an sdconf.rec file on your RSA server.

  4. Create a class named "profile::rsa_securid_auth_agent_for_pam" in your Puppet repo with content like this:

class profile::rsa_securid_auth_agent_for_pam {
  include ::rsa_securid_auth_agent_for_pam
  include ::rsa_securid_auth_agent_for_pam::sshd
  # Optional service declaration for sshd if you don't have one elsewhere.
  #service { 'sshd':
  #  ensure => running,
  #}
  file { '/var/ace/sdconf.rec':
    mode   => '0600',
    source => "puppet:///modules/${module_name}/rsa_securid_auth_agent_for_pam/sdconf.rec",
  }
  file { '/opt/PAM-Agent_v7.1.0.1.16.05_06_13_02_04_01.tar':
    source => "puppet:///modules/${module_name}/rsa_securid_auth_agent_for_pam/PAM-Agent_v7.1.0.1.16.05_06_13_02_04_01.tar",
  }
}

  1. Copy sdconf.rec and PAM-Agent_v7.1.0.1.16.05_06_13_02_04_01.tar to modules/profile/files/rsa_securid_auth_agent_for_pam/

  2. Did you remember to open up your firewall ports?

Reference

Here, include a complete list of your module's classes, types, providers, facts, along with the parameters for each. Users refer to this section (thus the name "Reference") to find specific details; most users don't read it per se.

###rsa_securid_auth_agent_for_pam

No parameters.

###rsa_securid_auth_agent_for_pam::sshd

No parameters. Note that this class requires that you are defining Service['sshd'] in your local Puppet code.

Limitations

This module is currently only designed to work on RHEL 7, it has only been tested with Puppet 4, and it only works with PAM-Agent_v7.1.0.1.16.05_06_13_02_04_01.tar.

Development

Please help! Make this module less terrible. Make it work with other operating systems. Contact RSA and ask them to stop hiding their download behind an account wall so I can change the source to "http://".

About

No description, website, or topics provided.

Resources

Readme
Activity
Custom properties

Stars

0 stars

Watchers

17 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages