create SSH accounts using RADIUS pam
Janis Heller
janis.heller at outlook.de
Mon Sep 5 18:08:11 CEST 2016
Would I only neeed to create a homedirectory or is there more I need to do to be able to login with radius login details?
-Isn't there a way to use REST for accounting (I don't use accounting section in radius at the moment) too?
Regards;
Am 5. September 2016 17:52:22 MESZ, schrieb Eero Volotinen <eero.volotinen at iki.fi>:
You could use some pam modules that can create homedirectory?
5.9.2016 5.30 ip. "Janis Heller" <janis.heller at outlook.de> kirjoitti:
I use the REST module of RADIUS to validate login requests (username &
password).
Now I would like my users to be able to login to some servers using SSH.
Their accounts should be all very unprivileged (just for SSH tunneling).
After setting up the pam sshd module I recognized the login would be only
possible by creating a new user with an empty password by using:
adduser testuser
on the server. Is there a way to prevent this and allow users to login in
case of RADIUS accepted their username & password.
I already searched for this problem:
http://serverfault.com/questions/567628/authenticate-
radius-user-using-pam-and-ssh
Setting up ldap would be a bit too much for this I think, isn’t there an
easier way?
All the best;
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/
list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
More information about the Freeradius-Users
mailing list