SSH, PAM and FR authentication
David Li
dlipubkey at gmail.com
Wed May 14 02:01:54 CEST 2014
Hi,
My question perhaps is crossing boundaries of Openssh, PAM and FR. I did
some Google search but can't seem to find an answer.
It seems if I don't have a user prior configured in a "datastore" e.g.
/etc/passwd, mysql or ldap, then my attempt to login using ssh as the user
would just fail even if I have the user set up in FR server. Several posts
on the Internet suggested that there might be a need for a "libnss-radius"
like package to allow ssh to look up the user in FR.
I am wondering if there are some security reasons that no such package has
been developed so far. People must have thought about this I guess. Besides
configuring the user id in a separate datastore prior to authentication, is
there any other way to solve this issue.
Best,
David
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20140513/2f91ab9a/attachment.html>
More information about the Freeradius-Users
mailing list