Marc Phillips wrote:
Specifically:
Feb 17 19:21:22 mypocbox sshd[13804]: pam_radius_auth: Sending RADIUS request password ^M^?INCORRECT
<sigh> *Another* PAM module has decided that the password is wrong, and has over-written it. This prevents any other PAM module from letting the user in. Or maybe it's SSH doing it.
Hopefully tomorrow I'll solve that mystery, but if somebody has a clue as to why pam_radius_auth sends crap to radius if the user doesn't exist on the machine that would be useful information to have for my work tomorrow.
It doesn't. Look in the source, there's nothing about "INCORRECT". As a suggestion, if there are 5-6 pieces of software involved in authentication, don't immediately jump to blaming the PAM radius module. Alan DeKok.