ssh authentication failed problem use freeradius & pam_radius

sam jianxueqd1 at
Thu May 24 16:44:45 CEST 2012

The pam_radius_auth module is installed on linux, and if the user-A is not
created in local and  only existed in remote radius server.
In following function() in pam_radius_auth.c, the *password always is
  static int rad_converse(pam_handle_t *pamh, int msg_style, char *message,
char **password)
    CONST struct pam_conv *conv;
    struct pam_message resp_msg;
    CONST struct pam_message *msg[1];
    struct pam_response *resp = NULL;
    int retval;

    resp_msg.msg_style = msg_style;
    resp_msg.msg = message;
    msg[0] = &resp_msg;

    /* grab the password */
    retval = pam_get_item(pamh, PAM_CONV, (CONST void **) &conv);

    retval = conv->conv(1, msg, &resp,conv->appdata_ptr); < it seems the
resp is saved some useful info.

    if (password) {               /* assume msg.type needs a response */
      /* I'm not sure if this next bit is necessary on Linux */
    _pam_log(LOG_ERR, "enter in");
  #ifdef sun
      /* NULL response, fail authentication */
      if ((resp == NULL) || (resp->resp == NULL)) {
        return PAM_SYSTEM_ERR;

      *password = resp->resp;  <<<< saved the retrun value to *password.
(value is INCORRECT)

    return PAM_SUCCESS;

Not familiar with this module, can anybody give some instrutions?

View this message in context:
Sent from the FreeRadius - User mailing list archive at

More information about the Freeradius-Users mailing list