<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=iso-8859-1">
<META content="MSHTML 6.00.6000.16546" name=GENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=#ffffff>
<DIV><FONT face=Arial size=2>
<DIV><FONT face=Arial size=2>
<DIV><FONT face=Arial size=2>Hello:</FONT></DIV>
<DIV> </DIV>
<DIV><FONT face=Arial size=2>I am having trouble getting pam_radius working and
was wondering if someone might be of help since </FONT><FONT face=Arial size=2>I
followed the INSTALL instructions as well as a howto (as provided by
the Wikid folks) and I am still coming up short getting it
working.</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>Here are some of my details</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>- My PAM is such it is by service (Fedora 7 --
0.99.7.1-5.1)....sshd being what I am most interested in, the default config for
it looks like the below on a host I want talking to radius. What does this
need to look like in terms of the pam_radius_auth.so related stanzas to get it
working? Neither the INSTALL instructions or a howto I found would
work.</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV>/etc/pam.d/sshd (default below)</DIV>
<DIV> </DIV>
<DIV><FONT face=Arial
size=2>#%PAM-1.0<BR>auth
include system-auth<BR>account
required pam_nologin.so<BR>account
include system-auth<BR>password
include system-auth<BR>session
optional pam_keyinit.so force
revoke<BR>session include
system-auth<BR>session required
pam_loginuid.so</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>- My Radius box runs freeradius
(freeradius-1.1.7-3.1) with LDAP (fedora-ds) backending it with the
user/pass info, got it working for Cisco's but have yet to get PAM
working. I just get 'Access denied' -- tried the later with a user defined
on the host with no password or with a password and won't work.</FONT></DIV>
<DIV> </DIV>
<DIV>Pretty simple, no huntgroups or anythig like that just plain and simple
binding against LDAP.</DIV>
<DIV> </DIV>
<DIV>I think what I am looking for are...</DIV>
<DIV> </DIV>
<DIV>1- Pam configuration on the host (ie- /etc/pam.d/sshd)</DIV>
<DIV>2- Pam configuration requirements as far as the radius server is concerned.
Be helpful to see what all I might need that I am possibly missing in conf
files.</DIV>
<DIV> </DIV>
<DIV>Thank you!</DIV></FONT></DIV></FONT></DIV></BODY></HTML>