PAM calls to the two methods.
Could be tricky.
Dan @ UM.
Message: 2
Date: Tue, 23 Jan 2007 14:05:32 -0800 (PST)
From: Agent Smith [EMAIL PROTECTED]
Subject: Re: Splitting the password field in freeRADIUS
To: FreeRadius users mailing list
freeradius-users@lists.freeradius.org
Drumm, Daniel wrote:
Is it possible to front end this type of server with FreeRADIUS, so that
NAS-Clients can send a tokencode prepended to, say, a Kerberos password
- and have the FreeRADIUS server forward the first 6 digits of the field
to the RSA server for tokencode validation - and the
As some of you may know, RSA SecurID servers now support RADIUS. The
Auth Manager comes with the Funk RADIUS sever embedded into it, and
supports a number of auth types, including EAP-OTP as well as the usual
types such as CHAP.
Is it possible to front end this type of server with FreeRADIUS, so
I currently use SecurID as the auth back-end for a AAA system utilizing
Radius and TACACS+, both with the native linux PAM agent (as opposed to
integrating with the FUNK (now Juniper) daemon).
I found it easier to troubleshoot if only native SecurID auth requests
were coming into the servers and
I frontend our secureID server with FR. but that is
only doing PAP. The way I do this is radius proxy whre
the FR is running on the same box different port.
I don't understand what you are trying to do here. If
a user tried to authenticate you want the PIN to
authenticate on radius? and the
5 matches
Mail list logo
