[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

OpenSSH with PAM and Tacacs+/Radius authentication



Hi,
I'm working with FreeBSD 4.3, with the OpenSSH which supports PAM.
What I need to do is the following:
When the SSH user authentication is a password authentication, I want to
authenticate through PAM. The reason for that is that I want to
authenticate through TACACS+ and Radius servers.
Users that authenticate through these servers, are identified in the local OS as the template user that was specified in pam.conf.
Now to the actual problem..
The code of the OpenSSH deamon first looks for the user in the passwd files.
In case the user is a TACACS/Radius user, he is not found there, of
course. If the user is not found, the authentication with PAM is not called
at all! This is a problem. The code in SSH should work similarly to that
in the login program, where after the authentication takes place, the
template user is looked up in the master.passwd file.
Does anyone know of a patch for this, or any other solution?


Thanks,
        Shila.

_________________________________________________________________________
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.





[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []