This would address a long deficiency in Solaris-land. Indeed, many telecommunications companies rely on RADIUS still (not DIAMETER yet). For example, I've been working with the Nortel account team on a proposal for a 'NAS file server' (it's not really a NAS file server - just an FTP server). One of the key requirements is that the system accept RADIUS and or Native LDAP for authentication. As such, the account team is already having to consider bringing in FreeRADIUS and the PAM module for their solution.
Nortel itself has already done a mod to FreeRADIUS for Solaris to provide some more information that they require and already use this on their Solaris-based Switches and routers. Yes, modulo a solid technical reason why we shouldn't do this, I would certainly support addressing this issue with FreeRADIUS. BTW : Have I told anyone that I still think we need a PPTP and an L2TP over IPsec in Solaris if we want to address VPN server requirements ? Darren J Moffat wrote: > Should we include the FreeRADIUS server in OpenSolaris (probably in the > SFW consolidation) ? > > Should we include the FreeRADIUS PAM module in OpenSolaris (either SFW > or ON) ? > > Any technical reason why we shouldn't do this ? > > Would this conflict with any work that anyone else is aware of that is > going on in the Security or Networking communities ? > > Is anyone else interested in working with me on this ? I don't think it > merits an OpenSolaris project to do this since the server side would > just integrate into SFW (and hopefully builds cleanly or nearly so). > The client side I'd be happy for this to be in ON and I have some minor > modifications to it [1]. > > [1] http://blogs.sun.com/darren/entry/pam_radius_auth_sun_studio > > -- Mark Thacker Product Line Manager, Solaris Security & Naming Services 9430 Blackthorn Trail Frisco, TX 75034 mark.thacker at sun.com ph : 972-992-3178
