HOW-TO for Linux radius client

Seferovic Edvin edvin.seferovic at kolp.at
Fri Sep 1 21:48:13 CEST 2006 

Hello,

 

what are you using as backend for freeradius server? If you use LDAP as
backend for freeradius, I really do NOT see the need for the use of RADIUS
protocol to do authentication for such services ( login, ssh etc ). It would
be easier if you implement auth against LDAP directory for such services,
and use RADIUS where it can serve the purpose ( full AAA ) !

 

Regards,


Edvin Seferovic

 

  _____  

From: freeradius-users-bounces+edvin.seferovic=kolp.at at lists.freeradius.org
[mailto:freeradius-users-bounces+edvin.seferovic=kolp.at at lists.freeradius.or
g] On Behalf Of J. C. Desai
Sent: Freitag, 01. September 2006 21:34
To: freeradius-users at lists.freeradius.org
Subject: HOW-TO for Linux radius client 

 

Hi,

 

I am looking for a Linux client side HOW-TO for radius authentication
without requiring presence of the login id on client side locally.

 

The following is the authentication scenario I am trying:

 

1) I have freeRadius server installed on a RedHat Linux machine

2) I would like users logging into other RedHat Linux machines in our
network to have their login/passwd authenticated using freeRadius server
(for login, su, ssh, telnet, ftp etc. ways of accessing local client
machines in the network)

3) I do not want to use LDAP on server or client side

4) I am using PAM and have experimented with pam_radius_auth module without
success

5) The problem I am facing is that the login id has also to be defined
locally on client Linux machines --- otherwise, for example, the su command
fails indicating that the id does not exist (if I create the login id on
client locally, then it queries freeRadius server)

6) I do not want to add "ldap" to nsswitch.conf file of client --- just want
to stick to radius for now

 

In summary, is there a Linux client side HOW-TO for radius authentication
without requiring presence of the login id on client side locally?

 

Regards ... J. C. Desai

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20060901/f0a81075/attachment.html>

More information about the Freeradius-Users mailing list