After setting a custom prompts such as prompt-vas-ad-pw = "Enter your Windows password: " in the vas.conf file or in a group policy, the correct prompt is not displayed when logging in with ssh.
This also applies to the prompt-local-pw and prompt-vas-ad-disauth-pwcache options.
The version of ssh is not compiled with pam.
SSH Configuration issue
AIX operating system configuration issue
To check if ssh is compiled with pam run the following command:
ldd /usr/local/sbin/sshd | grep -i pam
If it show pam libraries file than the version is compiled with pam.
1 - Install version of ssh that is compiled with PAM
1 - Edit the sshd_config file
2 - Change the config to include "ChallengeResponseAuthentication yes"
3 - Ensure UsePAM is set to yes
3 - Restart sshd
If on the AIX operating system, in order to see the custom prompts you must be using PAM authentication. To check what method of authentication the system is setup to use view the login.cfg file. If auth_type = STD_AUTH the system is using LAM.
1 - Edit the login.cfg file
2 - Change the auth_type = PAM_AUTH
3 - Reboot
Force the SSH client and/or server to only use SSH2. This is also recommended as a security measure.
This can also be caused by using password authentication instead of keyboard-interactive. Password does not support custom prompts form PAM, while keyboard-interactive does.