Odd behavior on authentication
Philip Prindeville
philipp_subx at redfish-solutions.com
Thu Nov 9 22:11:35 UTC 2023
> On Nov 8, 2023, at 12:31 PM, Alan DeKok <aland at deployingradius.com> wrote:
>
> On Nov 8, 2023, at 7:06 PM, Philip Prindeville <philipp_subx at redfish-solutions.com> wrote:
>
>> Also, I've run "pam-auth-update --enable radius" to get pam_radius_auth.so plugged into the PAM stack, but how do I integrate it into /etc/nsswitch.conf as well? This is on Ubuntu so I don't have authconfig/authselect which are RedHat only.
>
> Ask the PAM people how PAM / nsswitch.conf works. This isn't a FreeRADIUS issue.
>
> Alan DeKok.
Discovered the following. The password being passed up comes from pam-auth.c in sshd. And if I put "ldap" into /etc/nsswitch.conf, then things work.
It shouldn't be hard to refactor the nss_ldap project so that it generates two plugins, one specifically for Radius.
-Philip
More information about the Freeradius-Users
mailing list