"Cosby, Christopher" <[EMAIL PROTECTED]> wrote: > I'm trying to do the impossible it seems and would appreciate some help. I > want to use your pam_radius_auth module to make pppd-2.4.1 auth off of > freeradius using MSCHAPv2.
Uh... why? Why not just make pppd send radius requests itself? > I've gotten OpenSSH to work fine with the > pam_radius_auth module, so at least the module and the radius server are > working (although not complete for pppd, just haven't added some of the > CHECK/REPLY items). I have also gotten pppd to use p_r_a when using PAP > authentication. Works fine using pppd auth login -chap +pap. As soon as I > add `+chap -pap', everything goes to hell, meaning at that point pppd won't > even attempt to use PAM. I'll post this on the pppd list as well. Exactly. PAM is for authenticating usernames/passwords. Adding CHAP or MS-CHAP (which are NOT passwords) to PAM, makes PAM not work. > The question: > Is it possible to use pam_radius_auth with pppd to do MSCHAPv2 auth against > freeradius? Nope. How would pppd give the MSCHAP password to PAM? How would it tell PAM that the password is MSCHAP? How would PAM tell pam_radius_auth that the password is MSCHAP? Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
