Alan DeKok wrote:
Walter Tautz <wtautz@cs.uwaterloo.ca> wrote:
What I am trying to do: ======================
Use the /etc/shadow,/etc/passwd file on the server for user authenticatication.
I have configure (on the client) /etc/pam.d/common-auth with contents:
The main problem with PAM RADIUS authentication is that you can't currently get UID, GID, shell, etc. through the PAM RADIUS module.
In short it only used /etc/shadow to verify passwd and you still need a local /etc/passwd file and /etc/shadow but one could set the passwd there to be disabled?
rad_recv: Access-Request packet from host 129.97.152.227:2770, id=124, length=102 User-Name = "test-walter" User-Password = "\010\n\rINCORRECT"
That looks wrong. Is that actually what you typed?
Definitely not. Does it have something to do with encrypted passwd format, i.e. crypt, md5 or something??
rlm_unix: [test-walter]: invalid password
Which would seem to make sense.
WARNING: Unprintable characters in the password. ? Double-check the shared secret on the server and the NAS!
It might be a 64-bit issue with the PAM RADIUS module. See it's source for details... I haven't really looked at it for a few years now.
Where can I find the official source? -Walter