Hi
I have installed
pam_radius_auth to work on Redhat 7.3 and it seems to work fine. I then installed (compiled) it on a Redhat
9 box and it seems to be behaving quite strange.
My pam.d/sshd file looks like
this
#%PAM-1.0
auth sufficient pam_radius_auth.so debug
auth
required
pam_stack.so service=system-auth
auth required pam_nologin.so
account
required
pam_stack.so service=system-auth
password
required
pam_stack.so service=system-auth
session
sufficient
pam_radius_auth.so debug
session
required
pam_stack.so service=system-auth
session required pam_limits.so
session
optional
pam_console.so
The session (accounting) part
of pam_radius_auth seems to work fine.
I can see packets going to the radius server when I do a tcpdump on the
client machine. This only
works when I hash out the first line "auth sufficient pam_radius_auth.so debug".
When the first line is not
hasshed the authentication kicks in and nothing happens when I enter a username
and password. I set tcpdump to
sniff for all packets going to the radius server but there is nothing.
My logs look like this.
Jun 20
Jun 20
Jun 20
Jun 20
Jun 20
Jun 20
Jun 20
Jun 20
Jun 20
Jun 20
Jun 20
When I try and log into the
box, the only info that pam_radius_auth give to the log is the "Got user
name xxxx" message.
What would the right syntax
be for a strace command to trace this?
So far I have recompiled,
copy bin from other machines but nothing seems to work.
Kind Regarsd
Christiaan Ehlers