"Shannon Johnson" <[EMAIL PROTECTED]> wrote: > I need this radius server to authenticate / authorize (still a > little hazy on the difference) console and ssh access to 10 > workstations. The requests would come in to the workstation, get > routed to the server via a pam module, hit the freeradius server, > verify the username and password in the database, and let the person > on if their info is correct. First question, is this possible?
For username/password verification, yes. They'll still have to get uid/gid/shell from somewhere, though. > I just got done reading about the differences between authorization > and authentication, and from what I gather, freeradius can't do > authentication to an SQL database. Is that correct? Yes. It won't try to log users into an SQL database. > Ideally, what I would like, is to have a database holding all the > usernames and passwords (holding in clear text, but transmitting > encrypted, if that matters). Can I do that with freeradius? Yes. That's storing the username/password in SQL, and letting FreeRADIUS use trhat information to authenticate them. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
