Hello, I'm sure my query might have already been discussed. But couldnt search the mailing list. Can anyone please show pointers or answer this? I'm trying to perform Radius based authentication of any guest user using Linux PAM module 1.0 As radius client, pam_radius-1.3.17 plugin is used and freeradius server is used as Radius Server. I have performed the Radius client and server configurations according to the guidelines. I added the radius entry in /etc/pam.d/sshd: #%PAM-1.0 auth sufficient /lib/security/pam_radius_auth.so debug While i am trying of perform authentication of users, following are the outcomes depending upon user (trying to login) is locally configured or not. Users are trying to log-in via ssh. Both Users A and B are configured in Radius Server 1. If user A (locally configured in Linux M/C) tries to login, then Linux PAM gets the user/password information and send it to radius server. Radius Server authenticates the user/password in its database and sends successful acknowledgement to linux m/c. User is allowed to login. 2. If user B (not configured in Linux M/C) login, then Authentication is being rejected by Radius Server. Radius Server logs are showing that password in either malformed/incorrect ********************************************************************************************************************************************************************************************************************* Radius Server Logs: rad_recv: Access-Request packet from host 127.0.0.1:27138, id=117, length=91 User-Name = "abcd" User-Password = "\010\n\INCORRECT" NAS-IP-Address = 172.21.142.4 NAS-Identifier = "linux" NAS-Port = 26113 NAS-Port-Type = Virtual Service-Type = Authenticate-Only Calling-Station-Id = "172.21.142.140" Processing the authorize section of radiusd.conf modcall: entering group authorize for request 0 modcall[authorize]: module "preprocess" returns ok for request 0 modcall[authorize]: module "chap" returns noop for request 0 modcall[authorize]: module "mschap" returns noop for request 0 rlm_realm: No '@' in User-Name = "abcd", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 0 rlm_eap: No EAP-Message, not doing EAP modcall[authorize]: module "eap" returns noop for request 0 modcall[authorize]: module "files" returns notfound for request 0 modcall: group authorize returns ok for request 0 auth: No authenticate method (Auth-Type) configuration found for the request: Rejecting the user auth: Failed to validate the user. Login incorrect: [abcd/\010\n\INCORRECT] (from client localhost port 26113 cli 172.21.142.140) WARNING: Unprintable characters in the password. ? Double-check the shared secret on the server and the NAS! ********************************************************************************************************************************************************************************************************************* SSHD Logs: May 27 13:14:07 localho sshd[26113]: debug1: PAM: initializing for "abcd" May 27 13:14:07 localho sshd[26113]: debug1: PAM: setting PAM_RHOST to "172.21.142.140" May 27 13:14:07 localho sshd[26113]: debug1: PAM: setting PAM_TTY to "ssh" May 27 13:14:09 localho sshd[26113]: pam_radius_auth: Got user name abcd May 27 13:14:09 localho sshd[26113]: pam_radius_auth: Sending RADIUS request code 1 May 27 13:14:09 localho sshd[26113]: pam_radius_auth: DEBUG: getservbyname(radius, udp) returned -1768845152. May 27 13:14:10 localho sshd[26113]: pam_radius_auth: RADIUS server 127.0.0.1 failed to respond May 27 13:14:10 localho sshd[26113]: pam_radius_auth: All RADIUS servers failed to respond. May 27 13:14:10 localho sshd[26113]: pam_radius_auth: authentication failed May 27 13:14:10 localho sshd(pam_unix)[26113]: check pass; user unknown May 27 13:14:10 localho sshd(pam_unix)[26113]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.21.142.140 May 27 13:14:13 localho sshd[26113]: debug1: PAM: password authentication failed for an illegal user: Authentication failure May 27 13:14:13 localho sshd[26113]: Failed password for invalid user abcd from ::ffff:172.21.142.140 port 36124 ssh2 ********************************************************************************************************************************************************************************************************************* After reading through couple of forums, i got the hint this is the way PAM works. Linux PAM has restriction to have user-id configured locally on Linux M/C for successful Radius Authentication But if we have the case of thousands of guest users, then it is not possible to add every user in machine itself. I am willing to know: 1. Is this is the way how PAM works. Is this limitation is present in PAM 2. I am using Linux PAM 1.0. Is there any patch/fix available in higher version of PAM? 3. Is there any way to overcome this issue by using some other libpam-radius-auth plugin. Though i do not think it is Radius client plugin issue. It will be really helpful if you can help/suggest me in this regards. Regards, Anand Neeli