Hi I am researching the possibility of using freeradius/eduroam as authentication backend through PAM for SSH. This far in my research, i have run into a few questions that i cant quite find the correct answer to. Currently i cannot understand if the PAM module is able to handle the password as a hash, or if it is able to use secure communication such as EAP-TLS. Also, as eduroam is a hierarchy of radius servers, where the authentication request is forwarded until it reaches the right server, it requires the credentials are encrypted so only the user and the correct server can "see" them. I do quite understand if this is even possible to achieve from the PAM side of my use case. Can anyone provide some clarification on these cases? My English is not the best, so if my explanations is hard to understand, please let me know, and i will try again. -- Kristoffer Dalby Summer intern Abels gt. 5- Teknobyen NO-7465 Trondheim