problem with pam authentication via radius
Vladimir Voronin
vvs at teleportsv.net
Tue Oct 12 08:02:59 PDT 2004
I try to make PAM authentication on FreeBSD-server (FreeBSD 5.3-BETA1)
using RADIUS (freeradius-0.9.3_1) and RADIUS using LDAP
(openldap-server-2.2.14).
/etc/pam.d/sshd :
auth sufficient pam_radius.so
auth required pam_nologin.so no_warn
auth sufficient pam_opie.so no_warn
no_fake_prompts
auth requisite pam_opieaccess.so no_warn allow_local
auth required pam_unix.so no_warn try_first_pass
account sufficient pam_radius.so
account required pam_login_access.so
account required pam_unix.so
session required pam_permit.so
password required pam_unix.so no_warn try_first_pass
There are not any problem when I try authenticate user, who exists in
/etc/passwd. PAM asks RADIUS and RADIUS compares data with data in
LDAP-database. But when authenticate user who exists only in
LDAP-database (and there isn't in /etc/passwd on FreeBSD-server)
PAM isn't ask RADIUS (nothing in logs of RADIUS). Why this situation
take place?
How to fix this problem?
More information about the freebsd-net
mailing list