Odd behavior on authentication

Philip Prindeville philipp_subx at redfish-solutions.com
Thu Nov 9 22:11:35 UTC 2023

> On Nov 8, 2023, at 12:31 PM, Alan DeKok <aland at deployingradius.com> wrote:
> On Nov 8, 2023, at 7:06 PM, Philip Prindeville <philipp_subx at redfish-solutions.com> wrote:
>> Also, I've run "pam-auth-update --enable radius" to get pam_radius_auth.so plugged into the PAM stack, but how do I integrate it into /etc/nsswitch.conf as well?  This is on Ubuntu so I don't have authconfig/authselect which are RedHat only.
>  Ask the PAM people how PAM / nsswitch.conf works.  This isn't a FreeRADIUS issue.
>  Alan DeKok.

Discovered the following.  The password being passed up comes from pam-auth.c in sshd.  And if I put "ldap" into /etc/nsswitch.conf, then things work.

It shouldn't be hard to refactor the nss_ldap project so that it generates two plugins, one specifically for Radius.


More information about the Freeradius-Users mailing list