> Not sure how ssh/telnet will handle. That depends on your pam radius module. I believe freeradius hosted module can handle it. Don't know for others.
> But I assume, other than password it > may request for additional RSA key generated to access a particular > machine > or something similar to that. Why? Server already knows it's RSA key. This has nothing to do with user authentication. > Also, does NAS need any installation to support Access-Challenge like > CHAP? It needs pam module that supports it. BTW chap doesn't have Access-Challenge in the authentication process. Nor mschap. Ivan Kalik Kalik Informatika ISP - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html