On Mon, 27 Mar 2006, Aymeric MUNTZ wrote:
Hello,
I'm trying to set authentication against Radius on my box.
I modified my /etc/pam.d/telnetd file for:
___
|auth required pam_radius.so conf=/etc/radius.conf
|account required pam_radius.so
|session required pam_lastlog.so no_fail
|password required pam_radius.so no_warn
try_first_pass
|___
It seams that id does nothing.
1) How can I set it correctly working?
2) How do I define users and groups? I guess that it is not enough
to set
it in the radius server. Moreover, I don't want to grant access to every
user in my radius database.
Unfortunately its just PAM radius not nss radius so you will need to
define all your users and groups on the local machine. The alternative is
to use nis (never looked into it) or ldap( freebsd has nss_ldap and
pam_ldap in ports.) Otherwise with local users created, setup
/etc/radius.conf
with the correct info (mine looks like this)
auth 12.23.34.45:1645 "FAKEradiusKEY" 4 5
and add a line like
auth sufficient pam_radius.so no_warn
try_first_pass
to the relevent pam file. I use it so I can authenticate against an RSA
ACE server.
Do you know a good documentation about that?
A good read of man radius.conf and man pam_radius should be enough.
otherwise google is your friend.
cheers,
Vince
Thanks
Cheers
Alex
_______________________________________________
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
_______________________________________________
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
