Pardon the intrusion, I wanted to see if anyone else had been in this situation so I didn't have to reinvent the wheel if I didn't have to.
Basically I want to pass along all Radius authentication to a RSA SecurID server. I don't want it to do anything else other than that. (Basically because RSA SecurID has a PAM module for Linux, but several of my servers/network devices are RADIUS only, I want to be able to use my fobs) I have the PAM module talking to the server so I know it works. Just confused as to why the Radius Daemon is not chatting to it. My /etc/pam.d/radiusd looks like... #PAM-1.0 auth required /lib/security/pam_securid.so auth required /lib/security/pam_nologin.so account required /lib/security/pam_userdb.so The PAM part of the startup (running radiusd -X -A to see debugging info) Module: Loaded Pam pam: pam_auth = "radiusd" Module: Instantiated pam (pam) Using the radius client off of www.efinesoft.com to see the messages back and forth. In my users file I have DEFAULT Auth-Type:=PAM Fall-Through=Yes When I click send with the username of cjtest it just rejects me and I don't see a reject or any "garbage" on the RSA servers side like I do if I mess up the install of OpenSSH pointing to the securid server. I get this... Ready to process requests. rad_recv: Access-Request packet from host 192.168.xxx.xxx:3035, id=19, length=28 User-Name = "cjtest" modcall: entering group authorize modcall[authorize]: module "preprocess" returns ok rlm_chap: Could not find proper Chap-Password attribute in request modcall[authorize]: module "chap" returns noop modcall[authorize]: module "mschap" returns notfound rlm_realm: No '@' in User-Name = "cjtest", looking up realm NULL rlm_realm: No such realm NULL modcall[authorize]: module "suffix" returns noop users: Matched DEFAULT at 75 users: Matched DEFAULT at 155 users: Matched DEFAULT at 162 users: Matched DEFAULT at 221 modcall[authorize]: module "files" returns ok modcall: group authorize returns ok rad_check_password: Found Auth-Type System auth: type "System" modcall: entering group authenticate rlm_unix: Attribute "User-Password" is required for authentication. modcall[authenticate]: module "unix" returns invalid modcall: group authenticate returns invalid auth: Failed to validate the user. Delaying request 0 for 1 seconds Finished request 0 Going to the next request (75 is the line with DEFAULT Auth-Type:=PAM) Do you have any pointers on where to look next or if this is even possible? Thanks, -Chris __________________________________ Do you Yahoo!? SBC Yahoo! DSL - Now only $29.95 per month! http://sbc.yahoo.com - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html