Pam radius authentication

danieldinu at danieldinu at
Tue Oct 17 08:48:19 CEST 2006

First of all, thank you for your reply. Until now, you are the only one.

Now, let's take it step by step:

This is a part of INSTALL:
 Redhat Linux > 5.0


  Copy '' to /lib/security/

  In the per-application configuration (/etc/pam.d/application) add:

auth       sufficient   /lib/security/


auth       required     /lib/security/

  and BEFORE

auth       required     /lib/security/


auth       required     /lib/security/
auth       sufficient   /lib/security/
auth       required     /lib/security/

My linux is RedHat 9, so this part pertains to my machine : "Redhat Linux > 5.0"


  Copy '' to /lib/security/" - already did...

"In the per-application configuration (/etc/pam.d/application) add:" - I want to use pam radius to authenticate ssh logins, so "(/etc/pam.d/application)" becomes "/etc/pam.d/sshd"

"auth       required
auth       sufficient debug
auth       required     /lib/security/"
-this part from INSTALL is identical to my /etc/pam.d/sshd...all of this modules deal with authentication ("auth"). pam_securetty verifies if root can login through tty by reading /etc/securetty. "required" means that this step is mandatory and that after this verification, the next authentication method will take place.
this is where pam_radius_auth comes. the messages are exchanged as explained in my my previuos e-mail. "sufficient" means that if this authentication succeeds, the following authentication methods will not be other terms: "auth       required     /lib/security/" will be passed.

I don't understand why you are saying that "you are invoking pam_radius_auth in the wrong place and for the wrong reason"...please, be more specific and if you know the right configuration, enlight me!

Again, any help would be appreciated!

>> anyone??? pls!!! no suggestions at all ? :(
>I'd read the INSTALL doc that coems as part of the pam_radius
>> >   - cat /etc/pam.d/sshd
>> >#%PAM-1.0
>> >auth       required
>> >auth       sufficient debug
>> >auth       required     /lib/security/
>> >account    required debug
>> >password   required service=system-auth
>> >session    required service=system-auth
>> >session    required
>> >session    optional
>no. your invoking pam_radius_auth in the wrong place and for the wrong reason.
>again the INSTALL is your friend.
>your radius configuration appears to be correct
>List info/subscribe/unsubscribe? See

More information about the Freeradius-Users mailing list