Re: Basic question to authenticate switches and Linux boxes
Roberto Carna wrote: Dear, sorry for my confusion...I need to do te following: 1) Autehnticate and authorize users accesing switches through TELNET and/or HTTP 2) Authenticate and authorize users accesing Linux servers through SSH You're about 2 steps removed from RADIUS. First, find out how those systems use RADIUS. Then look at the RADIUS pieces. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Basic question to authenticate switches and Linux boxes
Dear, sorry for my confusion...I need to do te following: 1) Autehnticate and authorize users accesing switches through TELNET and/or HTTP 2) Authenticate and authorize users accesing Linux servers through SSH Thanks again. Roberto 2013/5/9 Edvin Seferovic | Kolpinghaus St. Pölten edvin.sefero...@kolp.at You need to rephrase your question. Do you want to: a.) authenticate and authorize users accessing the console of your switch? b.) authenticate a machine/user connected to a port of a switch (MAC auth or 801.x) c.) Linux boxes are machines... see B d.) authenticate users accessing the boxes... Regards, E:S On 09.05.2013 21:38, Roberto Carna wrote: Dear Matt, my second question is: If I have to authenticate Linux boxes and switches against Freeradius, do I have to use libpam-radius-auth for both devices or what ??? Thanks again, Roberto 2013/5/8 Matt Zagrabelny mzagr...@d.umn.edu On Wed, May 8, 2013 at 3:26 PM, Roberto Carna robertocarn...@gmail.com wrote: Dear, I'm new at Freeredius as an AAA sever in a Linux box and I need to authenticate Allied switches and Debian/Centos boxes. What package/module do I have to install in adition to freeradius ??? For the Debian clients you might want: libpam-radius-auth You can use apt-cache to search for things: % apt-cache search radius pam freeradius - high-performance and highly configurable RADIUS server libpam-radius-auth - The PAM RADIUS authentication module yardradius - YARD Radius Authorization and Accounting Server And what authentication procedure do I have ti use in order to let universal AAA ??? I don't understand this question. -mz - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Basic question to authenticate switches and Linux boxes
Dear Matt, my second question is: If I have to authenticate Linux boxes and switches against Freeradius, do I have to use libpam-radius-auth for both devices or what ??? Thanks again, Roberto 2013/5/8 Matt Zagrabelny mzagr...@d.umn.edu On Wed, May 8, 2013 at 3:26 PM, Roberto Carna robertocarn...@gmail.com wrote: Dear, I'm new at Freeredius as an AAA sever in a Linux box and I need to authenticate Allied switches and Debian/Centos boxes. What package/module do I have to install in adition to freeradius ??? For the Debian clients you might want: libpam-radius-auth You can use apt-cache to search for things: % apt-cache search radius pam freeradius - high-performance and highly configurable RADIUS server libpam-radius-auth - The PAM RADIUS authentication module yardradius - YARD Radius Authorization and Accounting Server And what authentication procedure do I have ti use in order to let universal AAA ??? I don't understand this question. -mz - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Basic question to authenticate switches and Linux boxes
You need to rephrase your question. Do you want to: a.) authenticate and authorize users accessing the console of your switch? b.) authenticate a machine/user connected to a port of a switch (MAC auth or 801.x) c.) Linux boxes are machines... see B d.) authenticate users accessing the boxes... Regards, E:S On 09.05.2013 21:38, Roberto Carna wrote: Dear Matt, my second question is: If I have to authenticate Linux boxes and switches against Freeradius, do I have to use libpam-radius-auth for both devices or what ??? Thanks again, Roberto 2013/5/8 Matt Zagrabelny mzagr...@d.umn.edu mailto:mzagr...@d.umn.edu On Wed, May 8, 2013 at 3:26 PM, Roberto Carna robertocarn...@gmail.com mailto:robertocarn...@gmail.com wrote: Dear, I'm new at Freeredius as an AAA sever in a Linux box and I need to authenticate Allied switches and Debian/Centos boxes. What package/module do I have to install in adition to freeradius ??? For the Debian clients you might want: libpam-radius-auth You can use apt-cache to search for things: % apt-cache search radius pam freeradius - high-performance and highly configurable RADIUS server libpam-radius-auth - The PAM RADIUS authentication module yardradius - YARD Radius Authorization and Accounting Server And what authentication procedure do I have ti use in order to let universal AAA ??? I don't understand this question. -mz - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Basic question to authenticate switches and Linux boxes
On Wed, May 8, 2013 at 3:26 PM, Roberto Carna robertocarn...@gmail.com wrote: Dear, I'm new at Freeredius as an AAA sever in a Linux box and I need to authenticate Allied switches and Debian/Centos boxes. What package/module do I have to install in adition to freeradius ??? For the Debian clients you might want: libpam-radius-auth You can use apt-cache to search for things: % apt-cache search radius pam freeradius - high-performance and highly configurable RADIUS server libpam-radius-auth - The PAM RADIUS authentication module yardradius - YARD Radius Authorization and Accounting Server And what authentication procedure do I have ti use in order to let universal AAA ??? I don't understand this question. -mz - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html