pam_conv is good for holding interactive conversation locally for applications
such as login, su etc.
When used with radius server pam_conv failed to do prompt at remote_client.
Please note that we are not interested in local convesation where PAM is
located.
The remote client I have used is one of the test applications from the radius
suite.
Let me aks you further.
note: A and B are machines.
{client @ A} ---> {radius at B} --> {PAM @ B}
Now when I tested as said above, a call to pam_conv in PAM module at machine B
did nothing. Are you sure it does prompt with a message at client @ A ?
I look forward to your reply.
Thanks,
________________________________
From: John Dennis [mailto:jden...@redhat.com]
Sent: Mon 3/15/2010 1:51 PM
To: Rajendra Hegde
Cc: FreeRadius users mailing list
Subject: Re: How to handle challenge response using PAM auth in FreeRadius
On 03/15/2010 01:12 PM, Rajendra Hegde wrote:
> Hello,
> The scenario is like this :
> {remote client } -----> {radius} ---> {PAM} ----> {Extern Athenticator}
> Now when the external authenticator sends challenge to PAM, I do not see
> a easy way to pass the "challenge text" back to the radius.
> Please note that pam_sm_authenticate allows either SUCCESS or FAILURE return
> but not "Challnege text" return.
I gave you the answer, it's done with pam_conv, you should read the code
in rlm_pam.c.
--
John Dennis <jden...@redhat.com>
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/
The information transmitted is intended only for the person or entity to which
it is addressed and may contain confidential and/or privileged material.
Statements and opinions expressed in this e-mail may not represent those of the
company. Any review, retransmission, dissemination or other use of, or taking
of any action in reliance upon, this information by persons or entities other
than the intended recipient is prohibited. If you received this in error,
please contact the sender immediately and delete the material from any
computer. Please see our legal details at http://www.cryptocard.com
CRYPTOCard Inc. is registered in the province of Ontario, Canada with Business
number 80531 6478. CRYPTOCard Europe is limited liability company registered
in England and Wales (with registered number 05728808 and VAT number 869 3979
41); its registered office is Aztec Centre, Aztec West, Almondsbury, Bristol,
UK, BS32 4TD
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
