Forge Home


This module configures the RSA SecurID Authentication Agent for PAM.


1,637 latest version

4.6 quality score

We run a couple of automated
scans to help you access a
module's quality. Each module is
given a score based on how well
the author has formatted their
code and documentation and
modules are also checked for
malware using VirusTotal.

Please note, the information below
is for guidance only and neither of
these methods should be considered
an endorsement by Puppet.

Version information

  • 0.1.15 (deleted)
  • 0.1.14 (latest)
  • 0.1.13
  • 0.1.12
  • 0.1.11
  • 0.1.10
  • 0.1.9
  • 0.1.8
  • 0.1.7
  • 0.1.6
  • 0.1.5
  • 0.1.4
  • 0.1.3
  • 0.1.2
  • 0.1.1
  • 0.1.0 (deleted)
released Apr 28th 2017
This version is compatible with:

Start using this module

  • r10k or Code Manager
  • Bolt
  • Manual installation
  • Direct download

Add this module to your Puppetfile:

mod 'evanstucker-rsa_securid_auth_agent_for_pam', '0.1.14'
Learn more about managing modules with a Puppetfile

Add this module to your Bolt project:

bolt module add evanstucker-rsa_securid_auth_agent_for_pam
Learn more about using this module with an existing project

Manually install this module globally with Puppet module tool:

puppet module install evanstucker-rsa_securid_auth_agent_for_pam --version 0.1.14

Direct download is not typically how you would use a Puppet module to manage your infrastructure, but you may want to download the module in order to inspect the code.



evanstucker/rsa_securid_auth_agent_for_pam — version 0.1.14 Apr 28th 2017


Table of Contents

  1. Description
  2. Usage - Configuration options and additional functionality
  3. Reference - An under-the-hood peek at what the module is doing and how
  4. Limitations - OS compatibility, etc.
  5. Development - Guide for contributing to the module


Trying to puppetize proprietary products is a terrible and thankless task - particularly ones with interative install scripts... Regardless, I was disappointed that no Puppet module existed to configure RSA Authentication Agent for PAM, so I present you with this pitiful module. This is basically just a puppetization of the instructions found here:


  1. Download the agent, PAM-Agent_v7., from here:

  2. Create an sdconf.rec file on your RSA server.

  3. Create a class named "profile::rsa_securid_auth_agent_for_pam" in your Puppet repo with content like this:

class profile::rsa_securid_auth_agent_for_pam {
  include ::rsa_securid_auth_agent_for_pam
  include ::rsa_securid_auth_agent_for_pam::sshd
  # Optional service declaration for sshd if you don't have one elsewhere.
  #service { 'sshd':
  #  ensure => running,
  file { '/var/ace/sdconf.rec':
    mode   => '0600',
    source => "puppet:///modules/${module_name}/rsa_securid_auth_agent_for_pam/sdconf.rec",
  file { '/opt/PAM-Agent_v7.':
    source => "puppet:///modules/${module_name}/rsa_securid_auth_agent_for_pam/PAM-Agent_v7.",
  1. Copy sdconf.rec and PAM-Agent_v7. to modules/profile/files/rsa_securid_auth_agent_for_pam/


Here, include a complete list of your module's classes, types, providers, facts, along with the parameters for each. Users refer to this section (thus the name "Reference") to find specific details; most users don't read it per se.


No parameters.


No parameters. Note that this class requires that you are defining Service['sshd'] in your local Puppet code.


This module is currently only designed to work on RHEL 7, it has only been tested with Puppet 4, and it only works with PAM-Agent_v7.


Please help! Make this module less terrible. Make it work with other operating systems. Contact RSA and ask them to stop hiding their download behind an account wall so I can change the source to "http://".