Hi Hugh,
Can you tell me which apache pam / radius module I need to install to
authenticate customers so that they can use radacct.cgi to get their own
usage stats only. Mike mentions a pam radius module in the radacct.cgi
I found 1 email in the mail archives where the following link was given
http://pam.sourceforge.net/mod_auth_pam/
Can you help with some example or link that may show how to configure this
to authenticate the user using my radius database
is this the correct module or should it be this one
http://www.wede.de/sw/mod_auth_radius/
Also is it correct that I shouldn't use the same radius for both NAS and web
authentication as the mod_auth perl states
<quote in mod_auth_radius module>
Everyone wants strong authentication over the web. For us, this means
RADIUS.
Using static passwords & RADIUS authentication over the web is a BAD
IDEA. Everyone can sniff the passwords, as they're sent over the net
in the clear. RADIUS web authentication is a REALLY BAD IDEA if you
use the same RADIUS server for web and NAS (dial-up) or firewall
users. Then ANYONE can pretend to be you, and break through your
firewall with minimal effort.
PLEASE use a different RADIUS server for web authentication and
dial-up or firewall users! If you must use the same server, go for
one-time passwords. They're ever so much more secure.
Also, do NOT have your RADIUS server visible to the external world.
Doing so makes all kinds of attacks possible.
<end quote>
Thanks and regards
Tim
===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
