On Tue, Feb 12, 2013 at 3:50 PM, T W <gqman10@yahoo.com> wrote:
All,
I got this working at the end of last year, but now I've having trouble. I'm setting up SSH access using RADIUS auth on a Ubuntu 12.10 system. Im using the latest version of libpam-radius-auth (1.3.17-0ubuntu4) and have followed the readme along with many other explanations and can not get it working. I'm getting the same error even when I try on different VM's running different versions of Ubuntu. The error "PAM (sshd) illegal module type: auth" makes it sound like it does not support the auth method. Anyone else run into this?
Haven't run into what you've described, but we do use the RADIUS client PAM module as you've noted. Our /etc/pam.d/sshd looks like: # PAM configuration for the Secure Shell service # Read environment variables from /etc/environment and # /etc/security/pam_env.conf. auth required pam_env.so # [1] # In Debian 4.0 (etch), locale-related environment variables were moved to # /etc/default/locale, so read that as well. auth required pam_env.so envfile=/etc/default/locale auth sufficient pam_radius_auth.so # Standard Un*x authentication. #@include common-auth # Disallow non-root logins when /etc/nologin exists. account required pam_nologin.so # Uncomment and edit /etc/security/access.conf if you need to set complex # access limits that are hard to express in sshd_config. # account required pam_access.so # Standard Un*x authorization. @include common-account # Standard Un*x session setup and teardown. @include common-session # Print the message of the day upon successful login. # This includes a dynamically generated part from /run/motd.dynamic # and a static (admin-editable) part from /etc/motd. session optional pam_motd.so motd=/run/motd.dynamic noupdate session optional pam_motd.so # [1] # Print the status of the user's mailbox upon successful login. session optional pam_mail.so standard noenv # [1] # Set up user limits from /etc/security/limits.conf. session required pam_limits.so # Set up SELinux capabilities (need modified pam) # session required pam_selinux.so multiple # Standard Un*x password updating. @include common-password Hope that helps. -mz