Marius.Meisner <marius.meis...@googlemail.com> wrote: > > I am not close with RE, but in Debian you may need the packet > libpam-radius-auth. I have chosen the way over PAM Module to communicate > between radius and sshd. So you may configure files like /etc/pam.d/sshd > - if its the same under RE. > TBH, a situation where you run more than one SSH instance on a single box generally means something is not right.
To fold things back into a single daemon, I would just do something like the following: ---- auth sufficient pam_unix.so auth sufficient pam_radius_auth.so auth required pam_opie.so <--- last one should be 'required' ---- However, to be honest, no-one should not be using pam_unix.so in this day and age for SSH. Arguably you probably should not back SSH login's with any username/password auth. So, as I am one never to pass on the opportunity of shameless self promotion, I recommend putting your SSH public keys in LDAP: http://www.digriz.org.uk/lpkfuse Cheers -- Alexander Clouter .sigmonster says: "The Schizophrenic: An Unauthorized Autobiography" - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html