SSH-login authentication, using Active Directory credentials.

suraj shankar surajvshankar at yahoo.com
Fri Jan 25 14:31:43 CET 2008


--- tnt at kalik.co.yu wrote:

> >Is there a better way, using radius? 

> No. Once user is authenticated radius has nothing to
> do with them (you
> say that they can increase privileges after
> authentication). Can't you
> put them in jail.
Yeah, I would eventually do that, if there is no
'better way'. But usually the App. administrators
complain that they are crippled by insufficient
privileges. So I am looking for something more
creative ... :)
And so, what I really meant by a 'better way' was like
a way to tell pam_radius_auth, to use a certificate
instead of a PSK! ... or something like that ...

Hey, but thanks Ivan, for the suggestion - will lock
them up, if I can't find a better way!

Regards,
suraj.


      ____________________________________________________________________________________
Looking for last minute shopping deals?  
Find them fast with Yahoo! Search.  http://tools.search.yahoo.com/newsearch/category.php?category=shopping



More information about the Freeradius-Users mailing list