how to allow only one authentication ?
Alan DeKok
aland at ox.org
Thu Jan 12 19:43:19 CET 2006
"Riccardo.Veraldi" <Riccardo.Veraldi at fi.infn.it> wrote:
> I would like only users with kerberos credentials to being able to
> authenticate
Then delete everything from the "authenticate" section, except for
"eap" and "krb5". Also, ensure that nothing in the "authorize"
section obtains a clear-text password for the user from a database.
That guarantees:
a) no password by which to authenticate someone
b) therefore they must use kerberos
c) they can't use anything other than kerberos
Everyone else will have no way to get authenticated, and will be
rejected.
Alan DeKok.
More information about the Freeradius-Users
mailing list