I got it to work from the command line. Now I can run radtest from the test workstation and it successfully connects to the server and authenticates the username and password. I’m still having trouble with the pam_radius_auth module though. More to the point, I’m having trouble with PAM. Here are the contents of the important files (what I think are relevant files): /etc/pam.d/sshd (on workstation):#%PAM-1.0auth sufficient /lib/security/pam_radius_auth.so debugauth required /lib/security/pam_stack.so service=system-authauth required /lib/security/pam_nologin.soaccount required /lib/security/pam_stack.so service=system-authpassword sufficient /lib/security/pam_radius_auth.so debugpassword required /lib/security/pam_stack.so service=system-authsession required /lib/security/pam_stack.so service=system-authsession required /lib/security/pam_limits.sosession optional /lib/security/pam_console.so /etc/pam.d/system-auth (on workstation):#%PAM-1.0# This file is auto-generated.# User changes will be destroyed the next time authconfig is run.auth required /lib/security/pam_env.soauth sufficient /lib/security/pam_unix.so likeauth nullokauth required /lib/security/pam_deny.soaccount required /lib/security/pam_unix.sopassword required /lib/security/pam_cracklib.so retry=3 type=password sufficient /lib/security/pam_unix.so nullok use_authtok md5 shadowpassword required /lib/security/pam_deny.sosession required /lib/security/pam_limits.sosession required /lib/security/pam_unix.so /etc/raddb/server (on workstation) file only has:servername:1645 testsecret 3 If anyone has any ideas on what could be wrong, let me know. Shannon Alan, =20 I finally figured out what my problem was with the Freeradius servercommunicating to the SQL database, and I got that up and working (fromthe localhost). Thank you everybody for all your help. :-) =20 Now I'm trying to figure out how to get my workstations to communicatewith the server. I'm running Red Hat 8, which has a slightly differentPAM setup than previous versions. From my rather limited understandingof PAM, it looks like almost every application refers back to/etc/pam.d/system-auth to authenticate. I tried adding the line "authsufficient /lib/security/pam_radius_auth.so" into sshd, but it doesn'twork. It gives me a protocol error. The FreeRadius server never evengets the request, so it must be something to do with PAM or the clientsetup. I tried running radtest from the client command line, but thatalso never gets to the server (or doesn't show up when it's in debugmode). After I get that working, I would like it to map a coupledirectories via NFS (or something more secure, if possible). Any ideas? =20 Shannon
