> Hi, > > I'm using OpenBSD 4.5-stable, and I'm trying to configure RADIUS > authentication. What I want is for the system to try the > RADIUS server, > and if it fails, fall back to the local password file. In > login.conf I have > > auth-defaults:auth=radius,passwd:radius-server=my.radius.server > > If the RADIUS server isn't there for whatever reason, the > system doesn't > fallback to password file authentication. The same happens > if I specify > the methods the other way round: the RADIUS server is never > tried even > if the password-file-based login fails. > > I need to make sure that I can always log in even if the > RADIUS server > has gone away. Is it possible to configure the system in this way? > > Thanks > - Ian
Why not make a new login class for radius users and make yourself "backup" users in default class? Normally you'd login with users from the radius class and if that fails you'd use a user form the default class. Of course, that way you'd have to use different login names for the two classes. Regards, Daniel.