Re: Pam and radius

On Thu, 27 Feb 1997, Bruno Lopes F. Cabral wrote:

> couldn't PAM be set up to read user info from another 
> machine or what? am I closer ? this will log with wtmp or
> through radius ?

Not yet. The RADIUS protocol cannot be used by default to handle user
authentication out of the box. You will need to improve the RADIUS server
to tell the client about user home dir, uid, shell, etc. Or another option
will be to have /etc/passwd lying around and instead of keeping passwords
in the shadow file you test them against the RADIUS server. I prefer the
latter, and this is what I am implementing now. However, there are some
problems waiting to be solved - adding users - you have to add the
passwords to the RADIUS server too, and radius protocol does not allow
this; - changing passwords - idem; managing failure states - what if the
radius server is not responding ?

> Cristian, light us (only me?) with the current state of 
> pam-radius and what is needed to use it ! new pam-libs ? changes
> on pam.conf ?

The bad news is that I don't know either what it would require... :-) I
have heavily modified my libs here, and it works on my machine, but I
didn't have the time to put together a recap. of what I've done, how I've
done it, etc... I have currently about 30 directories containing different
versions of Linux-PAM libs, and I must go through each of them and see
what was already ported into the 'official' code and what still needs to
be done...

I hope that this weekend will free() some of my HDD space...

Best wishes,
		Cristian Gafton
Cristian Gafton                                    gafton@sorosis.ro
Computers & Communications Center              Network Administrator
http://www.sorosis.ro/~gafton                          Iasi, Romania
UNIX is user friendly. It's just selective about who its friends are.
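
The split described in the reply above (account data stays in the local passwd database, only the password is tested against the RADIUS server, and an unanswered request counts as a failure) can be sketched as follows. This is an added example, not code from the post or from Linux-PAM; the packet layout and User-Password hiding follow the RADIUS specification (RFC 2865), and `login`, `lookup` and `transport` are hypothetical names chosen for illustration.

```python
import hashlib, hmac, os, struct

ACCESS_REQUEST, ACCESS_ACCEPT = 1, 2     # RADIUS packet codes
USER_NAME, USER_PASSWORD = 1, 2          # RADIUS attribute types

def hide_password(password, secret, request_auth):
    """User-Password hiding: XOR 16-byte blocks with a chained MD5 keystream."""
    padded = password.ljust(max(16, -(-len(password) // 16) * 16), b"\x00")
    out, prev = b"", request_auth
    for i in range(0, len(padded), 16):
        key = hashlib.md5(secret + prev).digest()
        prev = bytes(p ^ k for p, k in zip(padded[i:i + 16], key))
        out += prev
    return out

def build_access_request(ident, user, password, secret, request_auth=None):
    """Return (packet, request_auth) for an Access-Request."""
    request_auth = request_auth or os.urandom(16)
    attrs = b""
    for atype, value in ((USER_NAME, user),
                         (USER_PASSWORD, hide_password(password, secret, request_auth))):
        attrs += struct.pack("!BB", atype, len(value) + 2) + value
    header = struct.pack("!BBH", ACCESS_REQUEST, ident, 20 + len(attrs))
    return header + request_auth + attrs, request_auth

def reply_accepts(reply, ident, request_auth, secret):
    """True only for an authentic Access-Accept; None (no answer) fails closed."""
    if reply is None or len(reply) < 20:
        return False
    code, rid, length = struct.unpack("!BBH", reply[:4])
    if rid != ident or not 20 <= length <= len(reply):
        return False
    reply = reply[:length]               # ignore padding past the stated length
    # Response Authenticator = MD5(code+id+length + request_auth + attrs + secret)
    expected = hashlib.md5(reply[:4] + request_auth + reply[20:] + secret).digest()
    return hmac.compare_digest(expected, reply[4:20]) and code == ACCESS_ACCEPT

def login(user, password, secret, lookup, transport, ident=1):
    """Account data comes from lookup (e.g. pwd.getpwnam); RADIUS only checks the password."""
    try:
        account = lookup(user)           # uid, home dir and shell stay local
    except KeyError:
        return None                      # no local account, so no RADIUS query
    packet, auth = build_access_request(ident, user.encode(), password.encode(), secret)
    reply = transport(packet)            # hypothetical callable: reply bytes, or None on timeout
    return account if reply_accepts(reply, ident, auth, secret) else None
```

Adding users and changing passwords remain outside this exchange, as the reply notes.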

