Modifying the SSHD configuration file for the Centrify Client

If a computer is registered in the Privileged Access Service using the Centrify Client, do the following:

  1. Locate the sshd_config file, located here:

    vi /etc/ssh/sshd_config
  2. Locate or add these values to the file:

    TrustedUserCAKeys /etc/ssh/centrify_tenant_ca.pub
    ChallengeResponseAuthentication yes
    UsePAM yes
  3. Restart the sshd program after updating the configuration for the changes to take effect.

    For example, as root you might run one of the following commands to restart the daemon:

    • systemctl restart centrify-sshd
    • service centrify-sshd restart

    If you are using the OpenSSH version of SSHD, the following commands can be used to restart the daemon:

    • Service sshd restart
    • Sudo systemctl restart sshd