local ssh authentication via radius possible?

tnt at kalik.co.yu tnt at kalik.co.yu
Mon Nov 26 23:21:00 CET 2007


Run server in debug mode and post the output. Open one session for
radtest and another for radiusd -X.

Ivan Kalik
Kalik Informatika ISP


Dana 26/11/2007, "Dan Gahlinger" <dgahling at hotmail.com> piše:

>
>if I do that, I get this:
>
>radtest testing callme 127.0.0.1 10 testing123
>Sending Access-Request of id 196 to 127.0.0.1 port 1812
>        User-Name = "testing"
>        User-Password = "callme"
>        NAS-IP-Address = 255.255.255.255
>        NAS-Port = 10
>Re-sending Access-Request of id 196 to 127.0.0.1 port 1812
>        User-Name = "testing"
>        User-Password = "callme"
>        NAS-IP-Address = 255.255.255.255
>        NAS-Port = 10
>rad_recv: Access-Reject packet from host 127.0.0.1:1812, id=196, length=20
>
>users config for that test is just this:
>testing Cleartext-Password := "callme"
>
>> To: freeradius-users at lists.freeradius.org
>> Subject: RE: local ssh authentication via radius possible?
>> Date: Mon, 26 Nov 2007 21:58:00 +0100
>> From: tnt at kalik.co.yu
>> 
>> >Login-Service is set to "TCP-Clear" now, 
>> 
>> Leave just username and password. Delete all the rest for that user. You
>> don't need that.
>> 
>> >and the log file produces only this:
>> >Mon Nov 26 12:43:45 2007 : Info: rlm_exec: Wait=yes but no output defined. Did you mean output=none?
>> >Mon Nov 26 12:43:45 2007 : Info: Ready to process requests.
>> >
>> >and nothing else. No other logs anywhere, not even a failed "ssh" log in messages, warn, etc.
>> 
>> Which is good. It's a step in the right direction - at least users file
>> isn't broken anymore. Now send a request to it. First use radtest. Then
>> try PAM.
>> 
>> Ivan Kalik
>> Kalik Informatika ISP
>> 
>> -
>> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
>_________________________________________________________________
>R U Ready for Windows Live Messenger Beta 8.5? Try it today!
>http://entertainment.sympatico.msn.ca/WindowsLiveMessenger
>




More information about the Freeradius-Users mailing list