Hello All,
i'm trying to make freeradius v0.9.3 on linux use pam for
authentication. So far, I haven't been able to get it to work. Based
on the output from 'freeradius -sfX', i think I may not have the pam
config quite right.
Here's what I've config'ed:
- in /etc/freeradius/radiusd.conf :
within the modules { } declaration, there's a declaration:
pam {
pam_auth = radiusd
}
- there's a file /etc/pam.d/radiusd which I assume the above module
declaration is referring to. It currently equates to the system
default, which is to use pam_unix.
- in /etc/freeradius/radiusd.conf, inside the authorize { }
declaration, there's a declaration:
Auth-Type PAM {
pam
}
- in /etc/freeradius/users :
the first DEFAULT entry is as follows:
DEFAULT Auth-Type=PAM
Fall-Through = Yes
I've made no other 'entries', other than the ones that were in the
file by default (i got freeradius from Debian's unstable branch).
I've tried several minor variations of the above changes, to no avail.
Here's what 'freeradius -sfX' says:
rad_check_password: Found Auth-Type PAM
auth: type "PAM"
modcall: entering group Auth-Type for request 1
pam_pass: using pamauth string <radiusd> for pam.conf lookup
pam_pass: function pam_authenticate FAILED for <detertj>. Reason:
Authentication failure
modcall[authenticate]: module "pam" returns reject for request 1
modcall: group Auth-Type returns reject for request 1
auth: Failed to validate the user.
/var/log/auth.log sheds no further light. Ultimately, i want to use
pam_smb, but for starters, I'm currently just trying to use pam_unix.
I can ssh into the box as the failed user 'detertj' just fine.
Any ideas?
Thanks
--
Happy Landings,
Jon Detert
IT Systems Administrator, Milwaukee School of Engineering
1025 N. Broadway, Milwaukee, Wisconsin 53202
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
