sshd authentication

maxim maxim look2004il at gmail.com
Tue Jun 23 14:00:57 CEST 2009


i try to do  sshd authentication to external radius through a pam. on my
linux i have freeradius client
my packages: pam 1.0, pam_radius-1.3.17, openssh-4.3p2,
freeradius-client-snapshot-20080830

my /etc/pam.d/sshd look like this:

#%PAM-1.0
auth       sufficient   /lib/security/pam_radius_auth.so
auth       include      system-auth
#auth       sufficient   /lib/security/pam_radius_auth.so
account    required     pam_nologin.so
account    include      system-auth
password   include      system-auth
session    optional     pam_keyinit.so force revoke
session    include      system-auth
session    required     pam_loginuid.so

My shared secret is configured in /etc/raddb/server file. The
radiusclient.conf configured too

sshd_config file:

#    $OpenBSD: sshd_config,v 1.73 2005/12/06 22:38:28 reyk Exp $
# This is the sshd server system-wide configuration file.  See
# sshd_config(5) for more information.
# To disable tunneled clear text passwords, change to no here!
PasswordAuthentication no
ChallengeResponseAuthentication yes
UsePAM yes
Subsystem    sftp    /home/max/openssh-4.3p2/pc86//libexec/sftp-server

when i try to connect to sshd i have log message of wrong password, i check
it too on side of radius server.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20090623/d8bfb7da/attachment.html>


More information about the Freeradius-Users mailing list