Aureport --tty Shows Plain Text Password (Doc ID 2239220.1)

Last updated on APRIL 15, 2021

Applies to:

Linux OS - Version Oracle Linux 6.7 to Oracle Linux 7.3 [Release OL6U7 to OL7U3]
Oracle Cloud Infrastructure - Version N/A and later
Linux x86-64

After configuring pam for auditing. The command 'aureport --tty' shows the logs which includes password in plain text.

The audit system uses the pam_tty_audit PAM module to enable or disable auditing of TTY input for specified users.

Modify the /etc/pam.d/system-auth and /etc/pam.d/password-auth files by adding below lines.

	To view full details, sign in with your My Oracle Support account.
	Don't have a My Oracle Support account? Click to get started!

In this Document

Symptoms

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.