pam_radius_auth delay

Steve Phillips steve at focb.co.nz
Sat Apr 29 02:58:53 CEST 2017 

Ahh, wait - bad form replying to myself I know, but realise what you just mentioned was the host generating the query.

I'll look into this and ensure there is a PTR entry, but I'm pretty sure there was.

Of note though, surely the system would just use the 'hostname' to populate this rather than trying to do a PTR lookup?

-- 
Steve.

On 29/04/2017, 10:54 AM, "Freeradius-Users on behalf of Steve Phillips" <freeradius-users-bounces+steve=focb.co.nz at lists.freeradius.org on behalf of steve at focb.co.nz> wrote:

    Hey Matthew,
    
    The delay happens if I use an IP address or a FQDN, and whether the FQDN is in the DNS system (of which there are two servers on the same subnet/switch) or if it is in my /etc/hosts file. This was one my original thoughts as well as generally delays like this are due to some form of timeout - but there doesn’t seem to be anything in the logs indicating a timeout.
    
    -- 
    Steve.
    
    On 28/04/2017, 8:10 PM, "Freeradius-Users on behalf of Matthew Newton" <freeradius-users-bounces+steve=focb.co.nz at lists.freeradius.org on behalf of mcn4 at leicester.ac.uk> wrote:
    
        Given that between these two log lines
        
        On Fri, Apr 28, 2017 at 04:35:21PM +1000, Steve Phillips wrote:
        > Apr 28 16:09:40 bastion sshd[9197]: pam_radius_auth: ignore last_pass, force_prompt set
        
        <here>
        
        > Apr 28 16:10:00 bastion sshd[9197]: pam_radius_auth: Sending RADIUS request code 1
        
        there is a call to add a RADIUS attribute with details of the
        remote host the user is connecting from, I would suspect that
        there is a missing reverse DNS entry for it.
        
        Matthew
        
        
        -- 
        Matthew Newton, Ph.D. <mcn4 at leicester.ac.uk>
        
        Systems Specialist, Infrastructure Services,
        I.T. Services, University of Leicester, Leicester LE1 7RH, United Kingdom
        
        For IT help contact helpdesk extn. 2253, <ithelp at le.ac.uk>
        -
        List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
    -
    List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5610 bytes
Desc: not available
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20170429/798dec2f/attachment.bin>

More information about the Freeradius-Users mailing list