ssh, pam, radius not playing nicely

Miles O'Neal meo at
Wed Oct 17 23:31:09 CEST 2007

We are trying to set up and ssh server and a VPN server to
both use the same radius server.  We are currently using
freeradius-1.0.1-3 with EL4.4 .  It works fine with our
Cisco 3015 VOPN concentrator.  It's not working so well
with our EL4.4-based ssh server.

I doanloaded the pam_radius_auth source and built and
installed per
and the INSTALL file that came with the software.  I
can get radtest to work just fine from the ssh system,
but when I try to authenticate via ssh onto that system,
it fails.

Running debug on the server, I was seeing this:

   User-Password = "\010\n\rINCORRECT"

I found something on the list saying this could happen
if the user wasn't in the passwd file on the ssh box.
I added the user there:


and now the radius server is happy.  It claims to be
authenticating OK (we use shadow passwd on the radius
server, but I did not make shadow entries on the ssh
box), but the ssh login fails.

Any ideas?


More information about the Freeradius-Users mailing list