Aureport --tty Shows Plain Text Password
Last updated on MARCH 14, 2017
Applies to:Linux OS - Version Oracle Linux 6.7 to Oracle Linux 7.3 [Release OL6U7 to OL7U3]
After configuring pam for auditing. The command 'aureport --tty' shows the logs which includes password in plain text.
The audit system uses the pam_tty_audit PAM module to enable or disable auditing of TTY input for specified users.
Modify the /etc/pam.d/system-auth and /etc/pam.d/password-auth files by adding below lines.
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms