Re: Radius client configuration issue
Hi Ivan, I think there is some confusion. Let me explain, we have 2 separate machine. On one machine (Linux), radius server is setup and running independantly. on this machine, we have made the changes(/etc/raddb/server/pam_radius_auth.conf ) On another machine, which is client machine (On Solaris), PAM is configured in SSH. Also, on this machine, we have pam.conf (/etc/pam.conf) and sshd_config files where authentication libraries and other properties are set. Now, I have to login through my client machine (radius client), and it has to sent information to linux machine (where radius server's setup is done). Per the understanding, Radius server will authenticate user when PAM is enabled. But it is not clear, how Radius client (on Solaris machine) knows to communicate with Radius Server (on Linux machine). 1. Do we configure ip address of Radius server (on linux) at Radius client (on Solaris machine) ? 2. Do we give username details on Radius server (on linux) machine? I hope it might help to understand the scenario. Regards, Meraj mer...@gmail.com wrote: > > Hi Ivan, > I have gone thorugh the link and check all the files. I also tried to > compare with my existing installation: > > 1) As per the given link, it seems that pam.conf is configured as: > > login auth sufficient /usr/lib/security/pam_radius_auth.so.1 > login auth required /usr/lib/security/pam_unix_auth.so.1 > telnet authsufficient /usr/lib/security/pam_radius_auth.so.1 > telnet authrequired/usr/lib/security/pam_unix.so.1 > > which is on Solaris 2.6. > > In our configuration on Solaris 5.10, pam.conf contains: > > login auth requisite pam_authtok_get.so.1 > login auth required pam_dhkeys.so.1 > login auth required pam_unix_cred.so.1 > login auth required pam_unix_auth.so.1 > login auth required pam_dial_auth.so.1 > > where libraries are in folder /usr/lib/security > > > 2) pam_radius_auth.conf is set at radius server (/etc/raddb/server), which > contains server ip address and secret. > 3) Also, client info is set in /etc/raddb/clients.conf on radius server > > But I could not find where radius server ip is configured in radius > client. I am not able to find how radius client knows about radius server. > Please let me know if I am missing anything. > > Regards, > Meraj > > > Ivan Kalik wrote: >> >>> thanks for the link. >>> >>> I want to know if we can give radius server ip address and secret in >>> pam.conf file. >> >> No. >> >>> I tried to configure radius server with CLI, but it doesn't seems to >>> work. >>> Can you please tell me how to configure radius server in radius client >>> to >>> work. >> >> Did you actually read that linked page? It *does* say how and where to do >> that. >> >> Ivan Kalik >> Kalik Informatika ISP >> >> - >> List info/subscribe/unsubscribe? See >> http://www.freeradius.org/list/users.html >> >> > > -- View this message in context: http://www.nabble.com/Radius-client-configuration-issue-tp24678845p24698100.html Sent from the FreeRadius - User mailing list archive at Nabble.com. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Radius client configuration issue
Hi Ivan, I have gone thorugh the link and check all the files. I also tried to compare with my existing installation: 1) As per the given link, it seems that pam.conf is configured as: login auth sufficient /usr/lib/security/pam_radius_auth.so.1 login auth required /usr/lib/security/pam_unix_auth.so.1 telnet authsufficient /usr/lib/security/pam_radius_auth.so.1 telnet authrequired/usr/lib/security/pam_unix.so.1 which is on Solaris 2.6. In our configuration on Solaris 5.10, pam.conf contains: login auth requisite pam_authtok_get.so.1 login auth required pam_dhkeys.so.1 login auth required pam_unix_cred.so.1 login auth required pam_unix_auth.so.1 login auth required pam_dial_auth.so.1 where libraries are in folder /usr/lib/security 2) pam_radius_auth.conf is set at radius server (/etc/raddb/server), which contains server ip address and secret. 3) Also, client info is set in /etc/raddb/clients.conf on radius server But I could not find where radius server ip is configured in radius client. I am not able to find how radius client knows about radius server. Please let me know if I am missing anything. Regards, Meraj Ivan Kalik wrote: > >> thanks for the link. >> >> I want to know if we can give radius server ip address and secret in >> pam.conf file. > > No. > >> I tried to configure radius server with CLI, but it doesn't seems to >> work. >> Can you please tell me how to configure radius server in radius client to >> work. > > Did you actually read that linked page? It *does* say how and where to do > that. > > Ivan Kalik > Kalik Informatika ISP > > - > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html > > -- View this message in context: http://www.nabble.com/Radius-client-configuration-issue-tp24678845p24697685.html Sent from the FreeRadius - User mailing list archive at Nabble.com. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Radius client configuration issue
thanks for the link. I want to know if we can give radius server ip address and secret in pam.conf file. I tried to configure radius server with CLI, but it doesn't seems to work. Can you please tell me how to configure radius server in radius client to work. Ivan Kalik wrote: > >> I want to use PAM for user authentication. >> >> I am trying to setup radius client but unable to configure it. Radius >> client's setup is at Solaris and Radius Server (RKS emulator) is at Linux >> machine. >> >> Can any one tell the procedure to configure radius client so that it can >> communicate with Radius server? Is there any script required for that or >> all >> the commands needed to configure are in some config file? >> >> Also, how to login with radius client to check the authentication. > > http://freeradius.org/pam_radius_auth/ > > Ivan Kalik > Kalik Informatika ISP > > - > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html > > -- View this message in context: http://www.nabble.com/Radius-client-configuration-issue-tp24678845p24695245.html Sent from the FreeRadius - User mailing list archive at Nabble.com. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Radius client configuration issue
I want to use PAM for user authentication. I am trying to setup radius client but unable to configure it. Radius client's setup is at Solaris and Radius Server (RKS emulator) is at Linux machine. Can any one tell the procedure to configure radius client so that it can communicate with Radius server? Is there any script required for that or all the commands needed to configure are in some config file? Also, how to login with radius client to check the authentication. Thanks in Advance. -- View this message in context: http://www.nabble.com/Radius-client-configuration-issue-tp24678845p24678845.html Sent from the FreeRadius - User mailing list archive at Nabble.com. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html