Aureport --tty Shows Plain Text Password

(Doc ID 2239220.1)

Last updated on MARCH 14, 2017

Applies to:

Linux OS - Version Oracle Linux 6.7 to Oracle Linux 7.3 [Release OL6U7 to OL7U3]
Linux x86-64

Symptoms

After configuring pam for auditing. The command 'aureport --tty' shows the logs which includes password in plain text.

The audit system uses the pam_tty_audit PAM module to enable or disable auditing of TTY input for specified users.

Modify the /etc/pam.d/system-auth and /etc/pam.d/password-auth files by adding below lines.

 

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms