SSH-Login libpam-radius-auth
Marius.Meisner
marius.meisner at googlemail.com
Sat Jan 29 15:23:29 CET 2011
Hi Alan,
thx for your response - I've fixed it now. There where two things to do,
one pam issue and one radius issue.
For the libpam-radius-auth its necessary to add a user on the local
system, so that there is an entry for each user to authenticate by
radius over pam.
The second thing was, that then the passwords were used from the passwd
instead of the entries in database or user-file. A change in the
sites-enabled/default was needed to fix that. The order in the authorize
{...} - part must be changed from
...
unix
file
sql
...
to
...
file
sql
unix
...
because the first match wins and gets the password out of its entries,
without looking for the other ones.
So everything works fine until the next project ;-)
Greets
MM
Am 28.01.2011 09:38, schrieb Alan DeKok:
> Marius.Meisner wrote:
>> If I try to authenticate from ssh I receive this message:
>>
>> rad_recv: Access-Request packet from host 127.0.0.1 port 3666, id=208,
>> length=88
>> User-Name = "lisa"
>> User-Password = "\010\n\r\177INCORRECT"
>
> The password is being changed by the PAM libraries on the machine. Go
> fix that.
>
> This is a PAM issue, and is not a RADIUS issue.
>
> Alan DeKok.
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
More information about the Freeradius-Users
mailing list