Hello all, I am using PAM radius module version 1.4.1 Testing sample: PAM radius does not support authorization. I DO NOT require accounting and authorization and have kept the return types as optional. Configure radius server and trying to login using radius users. Syslog is enabled Scenario 1: The following is the configuration inside /etc/pam.d/ # cat ssh auth sufficient /lib/security/pam_radius_auth.so debug account optional /lib/security/pam_radius_auth.so debug session optional /lib/security/pam_radius_auth.so debug auth required /lib/security/pam_unix.so use_first_pass account optional /lib/security/pam_unix.so use_first_pass session optional /lib/security/pam_unix.so use_first_pass # cat php auth required /lib/security/pam_succeed_if.so user != root quiet auth sufficient /lib/security/pam_radius_auth.so debug account optional /lib/security/pam_radius_auth.so debug session optional /lib/security/pam_radius_auth.so debug auth required /lib/security/pam_unix.so use_first_pass account optional /lib/security/pam_unix.so use_first_pass session optional /lib/security/pam_unix.so use_first_pass SSH - Always successful WEB - Sometimes, the login fails (NOT always) The following are noticed during the failure scenarios 1. Radius authentication always succeeds and final SYSLOG from radius module received is *USER.DEBUG. php: pam_radius_auth: authentication succeeded* 2. After this, the following SYSLOG is seen and login failed *AUTHPRIV.WARNING. php: pam_unix(php:auth): check pass; user unknownAUTHPRIV.NOTICE. php: pam_unix(php:auth): authentication failure, logname= uid=0 euid=0 tty= ruser= rhost=<IP address>* Scenario 2: I did the following changes with respect to the configuration to skip pam_unix and depend on pam_radius only. # cat ssh auth sufficient /lib/security/pam_radius_auth.so debug account optional /lib/security/pam_radius_auth.so debug session optional /lib/security/pam_radius_auth.so debug # cat php auth required /lib/security/pam_succeed_if.so user != root quiet auth sufficient /lib/security/pam_radius_auth.so debug account optional /lib/security/pam_radius_auth.so debug session optional /lib/security/pam_radius_auth.so debug SSH - Always successful WEB - Sometimes, the login fails (NOT always) The following are noticed during the failure scenarios 1. Radius authentication always succeeds and final SYSLOG from radius module received is *USER.DEBUG. php: pam_radius_auth: authentication succeeded* 2. After this, there are no SYSLOG messages In both cases, login fails sometimes and only through a WEB interface. Could you please provide any suggestions on the above? Why is the user unknown in scenario 1 Thanks, Rajesh