create SSH accounts using RADIUS pam
Eero Volotinen
eero.volotinen at iki.fi
Mon Sep 5 17:52:22 CEST 2016
You could use some pam modules that can create homedirectory?
5.9.2016 5.30 ip. "Janis Heller" <janis.heller at outlook.de> kirjoitti:
> I use the REST module of RADIUS to validate login requests (username &
> password).
> Now I would like my users to be able to login to some servers using SSH.
> Their accounts should be all very unprivileged (just for SSH tunneling).
> After setting up the pam sshd module I recognized the login would be only
> possible by creating a new user with an empty password by using:
>
> adduser testuser
>
> on the server. Is there a way to prevent this and allow users to login in
> case of RADIUS accepted their username & password.
> I already searched for this problem:
>
> http://serverfault.com/questions/567628/authenticate-
> radius-user-using-pam-and-ssh
>
> Setting up ldap would be a bit too much for this I think, isn’t there an
> easier way?
>
> All the best;
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/
> list/users.html
More information about the Freeradius-Users
mailing list