On Wed, Mar 26, 2014 at 10:25 PM, Lloyd Gill <lhg@jhmi.edu> wrote:
I would be surprised we are the only unix/linux shop that is deploying multi-factor authentication using radius on AIX.
I wouldn't be surprised at all. We had some AIX boxes many years ago, and finally decided it was not worthed. Not for running the software we needed. So when the time came to replace the hardware, x86 + linux (and in some cases, vmware/xen) took their place. While AIX/ppc is somewhat more linux-like (compared to, say, tru64), some OSS programs would perform more poorly compared to their x86/linux counterpart (with similar spec/price range) due to lack of optimizations (e.g. BIND when running multiple thread, at least at that time), and others simply won't compile (like you just found out with pam_radius_auth). WRT multi-factor auth, there are vendors who sell hardware-token based solution, which should be more suitable for enterprises who still use AIX. So unless you can fix the code and send a patch (or hire someone to do so), these kind of vendors are probably your best bet. -- Fajar