pam_auth_radius

Alan DeKok aland at deployingradius.com
Fri Feb 18 07:43:10 CET 2011


Marc Phillips wrote:
> Specifically:
> 
> Feb 17 19:21:22 mypocbox sshd[13804]: pam_radius_auth: Sending RADIUS request password ^M^?INCORRECT

  <sigh>  *Another* PAM module has decided that the password is wrong,
and has over-written it.  This prevents any other PAM module from
letting the user in.

  Or maybe it's SSH doing it.

> Hopefully tomorrow I'll solve that mystery, but if somebody has a clue as to why
> pam_radius_auth sends crap to radius if the user doesn't exist on the machine that
> would be useful information to have for my work tomorrow.

  It doesn't.  Look in the source, there's nothing about "INCORRECT".

  As a suggestion, if there are 5-6 pieces of software involved in
authentication, don't immediately jump to blaming the PAM radius module.

  Alan DeKok.



More information about the Freeradius-Users mailing list