pam_radius and ssh
Vince Hoffman
jhary at unsane.co.uk
Thu Apr 21 10:13:14 PDT 2005
Hi all,
I've been looking into using the pam_radius pam module and have
been trying out the template_user feature as this would ease the
administrative burden in our setup, (it allows a user to be specified as
a template if the radius user does not have a local account.) I can get it
to work fine for login and telnetd, but sshd seems to have a problem. If
a local user with the same name as the radius user exists then no problem,
if not then the template_user should kick in, however it doesnt, in fact
if the user does not exist localy then the pam_radius module is never
even invoked, or at least it never sends any query to the radius server.
I'm guessing that sshd checks for a valid user even when its using PAM
authentication and halts any further progress. Is there any way to turn
this off?
thank,
Vince
More information about the freebsd-questions
mailing list