> On Thu, 10 Mar 2005 12:14:52 -0800, Mike Helm <[EMAIL PROTECTED]> wrote: > John Webster forwards: > > 'shared secret'. (PAM module uses /etc/radius.conf for 'shared > > secret', servername, etc) > > 5 - Configure PAM/sshd (or whatever PAM aware services) to require > > RADIUS authentication > > 6 - Configure your local users. (local username must be there SecurID > > username) > > have you given any thought to interoperation with an environment > where local name cannot = securid username ? >
Not really, but my guess is that you would need to add another piece to the puzzle. Possibly LDAP? I researched using LDAP very briefly ( i.e. LDAP PAM Mod -> Central LDAP -> RADIUS -> RSA ACE ) with hopes of leveraging additional LDAP functionality. Could be possible to store the SecurID username within a user's LDAP entry? Just a thought... > We have, but we haven't figured out what (or which) is the satisfactory > solution(s). Or done enough work yet either, for that matter. good luck. - jw _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"