Managerial Approval for SFTP Devices Connections

to enable managerial approval via email or mobile notification for users connecting to devices, the require managerial approval property must be set on the device group that has the target devices when the managerial approval property for the user is set , an approval request email is sent to the group manager of the user who attempted to establish the connection for each attempt, a new approval request email is generated and sent to the manager’s email address a parameter can be configured to set a time limit on sending emails for the same connection request establish an ssh connection to the kron pam server set the required parameter in /u01/sftp prox/conf/nsso properties with the commands cd /u01/sftp prox/conf/ vi nsso properties add/edit the following parameter with the vi editor nsso approval email timeout = 0 (default value is “0” and the label of the value is seconds ) after the parameters are set, save, and exit the vi editor, and restart sftp prox with the command systemctl restart pam sftp the parameter prevents kron pam from sending too many emails to the manager for each repetitive attempt for example, if this parameter is set to 300 seconds, and a user attempts to connect to a device more than one time in five minutes, only one connection approval request email is sent to the manager to receive a connection approval request email for each attempt separately, the parameter’s default value of zero can be used