|
Hello, what are you using as
backend for freeradius server? If you use LDAP as backend for freeradius, I
really do NOT see the need for the use of RADIUS protocol to do authentication
for such services ( login, ssh etc ). It would be easier if you implement auth
against LDAP directory for such services, and use RADIUS where it can serve the
purpose ( full AAA ) ! Regards,
From:
[EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of J. C. Desai Hi, I am looking for a Linux client side HOW-TO for
radius authentication without requiring presence of the login id on client
side locally. The following is the authentication scenario I am trying: 1) I have freeRadius server installed on a RedHat Linux
machine 2) I would like users logging into other RedHat Linux
machines in our network to have their login/passwd authenticated using
freeRadius server (for login, su, ssh, telnet, ftp etc. ways of accessing
local client machines in the network) 3) I do not want to use LDAP on server or client side 4) I am using PAM and have experimented with pam_radius_auth
module without success 5) The problem I am facing is that the login id has also to
be defined locally on client Linux machines --- otherwise, for example, the su
command fails indicating that the id does not exist (if I create the login id
on client locally, then it queries freeRadius server) 6) I do not want to add "ldap" to nsswitch.conf
file of client --- just want to stick to radius for now In summary, is there a Linux client side HOW-TO for
radius authentication without requiring presence of the login id on client
side locally? Regards ... J. C. Desai |
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
