[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Authenticating PPP-users against radius with PAM?



On Tue, 1 Jun 1999, Tuomo Pyhala wrote:

> I have RH6.0 installed, and machine has few modems which i would like to
> use to provide dialin access. We have existing radius-server which would
> be used to authenticate users. Can i make this work by using PAM, or do i
> need some other means? There would be only few users, and i could make
> separate account (except password, which would be in sync through
> radius) data on machine running ppp if that is required to make this
> work...

AFAIK, because pwdb can be configured to use RADIUS, the standard setup
with pam_pwdb should work.  Try changing your /etc/pwdb.conf to this:

user:
	unix+radius
	unix+shadow

group:
	unix+shadow

The pwdb documentation (/usr/doc/pwdb-0.??/pwdb.txt) suggests that you
still need to add an entry in /etc/passwd for the user, because pwdb will
only use the pass_phrase from the RADIUS server and nothing else.

The PAM page at http://www.us.kernel.org/pub/linux/libs/pam/modules.html
also lists other modules that support RADIUS specifically, which would be
a better choice of the method described above fails, and maybe even if it
works.

Hope this helps,

Nalin





[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []