If I dont configure step 4, I am not locked out on the client. 4- Added following line to /etc/pam.d/common_session session required pam_radius_auth.so Thanks On Mon, Feb 4, 2013 at 4:47 PM, Deepti kulkarni <deepti.kdeeps@gmail.com>wrote:
Hello,
I have a debian machine that acts as RADIUS client talking with the Freeradius server. I have configured PAM on the client, so made following changes.
1 - Added radiusd to /etc/pam.d which contains - @include common-auth @include common-account @include common-password @include common-session
2 - Added following line to /etc/pam.d/common_auth auth sufficient pam_radius_auth.so
3 - Added following line to /etc/pam.d/common_account account required pam_radius_auth.so
4- Added following line to /etc/pam.d/common_session session required pam_radius_auth.so
5 - Added server-ip and secret key to /etc/pam_radius_auth.conf
Authentication and accounting works fine after I configure the above on the client. As soon as I reboot client, login fails with error - "cannot make/remove an entry for the specified session". Cannot login into the client.
Thanks