freebsd and
gahn
ipfreak at yahoo.com
Thu Jan 6 16:05:08 UTC 2011
thanks. i am looking into the suggestions.
best
gahn
--- On Wed, 1/5/11, Indexer <indexer at internode.on.net> wrote:
> From: Indexer <indexer at internode.on.net>
> Subject: Re: freebsd and
> To: "Bill Moran" <wmoran at potentialtech.com>
> Cc: "gahn" <ipfreak at yahoo.com>, "freebsd general questions" <freebsd-questions at freebsd.org>
> Date: Wednesday, January 5, 2011, 4:53 PM
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
>
> On 06/01/2011, at 07:02, Bill Moran wrote:
>
> >
> > (don't see why this was on -current)
> >
> > In response to gahn <ipfreak at yahoo.com>:
> >> hi all:
> >>
> >> i set up the freeradius 21.100.1 on freebsd 8.1.
> it uses local authentication database of /etc/passwd (thanks
> to the previous discussions alan did with others). the
> problem is: it only works with the condition of the server
> id running as "root" instead of "freeradius" due to the one
> way MD5 hash of /etc/passwd file.
> >>
> >> are there any other better ways to implement
> this?
> >
> > a) Put the Radius server in a jail, so it can run as
> root without all the
> > security concerns.
> > b) Use something other than /etc/passwd
> authentication
> >
>
> Cant radius use pam? perhaps you should look into that.
>
> It may be a pain though, freeradius is largely
> undocumented, and what documentation exists is often
> incomplete, incorrect and full of people touting "IT JUST
> WORKS" when 99% of the time, It never works. Once you figure
> it out however, its great. I would highly recommend putting
> your raddb into a version control system.
>
> > --
> > Bill Moran
> > http://www.potentialtech.com
> > http://people.collaborativefusion.com/~wmoran/
> > _______________________________________________
> > freebsd-questions at freebsd.org
> mailing list
> > http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> > To unsubscribe, send any mail to "freebsd-questions-unsubscribe at freebsd.org"
>
> William Brown
>
> pgp.mit.edu
>
>
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG/MacGPG2 v2.0.16 (Darwin)
>
> iQIcBAEBAgAGBQJNJRKdAAoJEHF16AnLoz6Je6YP/j5sfpXOReiyviyNututzGfA
> dS+/6MoBfumuzdLAxTZ5gCJ4r7hIWJSbl0vPbt8zDbigcGJKcuT63dfdeAsV/7vu
> /0KqeC1HbrS5mXB2bVVjUvxgm+LbTlTrS8pIkS3A1jWSvvYgqb5ABXL2gXDARJig
> pQ5Ehw/mJsgNNmYOrHD1FV5H1/0s0arXSK6rK/sJa7qBIyuLvfuatfK2NOFlPAr5
> ST1UqvGrEVP5vA4GGO3+l4m7CBIuzVBuVaLpTpsHUXcdjxoB0bgZrR6se42z7VFo
> PgClT1bKv/Ht8rD9EO6oRpASAHB89/K1HpNvHbV9KT+veuKcla0xVPilpyt+XMES
> c4iDxwOBzml+N6QPiGdD9+GhfvZbg2JBgHoGYFXclyDJFceiDVkMgTWN75miB+d4
> tMTZbtwkQNoobRmp/BCAlVqRJC3dUQeVqDSAUkuMf6ZU0WQWfh6g8qtGb0IA5mWH
> u0mRbBacEr4kx3bSeIzCb09DJMkDFmb1/kaQPVqUEYpU+ggW8yLV5sz/vdomdpRB
> 6hUfcXHnGK/GY4FsMPHaLTWghHdG6cFv8XwM/8ftsrCTtJYl0mD8xzSxqeTBCrua
> VPHcZ0d4gxe7reylYZfp8NqTAK96JBkRqEoTtYyi6Oiy8kbolY8SHiok98o/uydT
> nGM30URjS7EC7oSyL4N5
> =ppAO
> -----END PGP SIGNATURE-----
>
More information about the freebsd-questions
mailing list