Freeradius: change user passwords through pam_radius
Arran Cudbard-Bell
a.cudbardb at freeradius.org
Tue May 28 00:13:28 CEST 2013
On 27 May 2013, at 18:03, Arran Cudbard-Bell <a.cudbardb at freeradius.org> wrote:
>
> On 27 May 2013, at 15:26, Roberto Carna <robertocarna36 at gmail.com> wrote:
>
>> Dear, I have a Linux box authenticating SSH users against Freeradius. It works OK.
>>
>> When the users go into the Linux box via SSH, I need them to change their own radius passwords. For this reason, I edited the /etc/pam.d/passwd file as follow:
>> password sufficient pam_radius_auth.so
>>
>>
>> @include common-auth
>>
>> in order to communicate with our freeradius and change the user's password executing the "passwd" command in the shell.
>>
>> But te passwords never chages and I get this error:
>>
>> Password:
>> New password:
>> New password (again):
>> Enter new UNIX password:
>> Retype new UNIX password:
>> passwd: Authentication token manipulation error
>> passwd: password unchanged
>>
>> is it possible to do what I want ??
>
> No.
Actually PAM radius code does have references to password change functionality. No idea how it works though. Recommend you RTFS.
https://github.com/FreeRADIUS/pam_radius/blob/master/pam_radius_auth.c
Arran Cudbard-Bell <a.cudbardb at freeradius.org>
FreeRADIUS Development Team
More information about the Freeradius-Users
mailing list