Hi, I was just wondering if you'd be able to help me out. I'm trying to get login, ftpd and ssh to authenticate using PAM/RADIUS. I have setup a RADIUS server (FreeRADIUS 0.9.0) and added a user/pass testuser/testpass. On my client machine, I created a template user called templateUser. The reason for this is so that when a new user needs to be added, it only needs to be added on the RADIUS server. When the client machine comes across a user that does not exist in its password database, it defaults to the user templateUser for "account" purposes. I edited the pam.conf file on the client machine so that it uses pam_radius.so when authenticating login/ftpd/sshd.
The idea is that I should be able to login using testuser/testpass onto my client machine even though testuser does not exist on that machine, but does exist on the RADIUS server. I am able to do this successfully when I use login, but ftpd and sshd fail. I debugged the RADIUS server and it does not get a request from the client when I use ftpd or sshd with the user testuser. However, if I use the user templateUser, the RADIUS server does get the request, but obviously rejects the user because it is not a valid user on the RADIUS server. So, I concluded that the ftpd and sshd programs do not forward their requests to the RADIUS server when they can't find the user on their local machines. Is there a way to get around this? Thanks, Adil _______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-hackers To unsubscribe, send any mail to "[EMAIL PROTECTED]"
