Re: OpenSSH, PAM and pam_radius_auth

2008-01-09 Thread Alan DeKok
Sobanbabu Bakthavathsalu wrote: >>> We have entry in the /etc/hosts file for radius1 server, but the pam_auth >>> module is having issues in reading it. >>> You have seen the error, even if we give the IP address, it tries to >>> resolve it to IP again. Hmm... I think it may be necessary also

RE: OpenSSH, PAM and pam_radius_auth

2008-01-09 Thread Sobanbabu Bakthavathsalu
Hi Alan, So fix DNS so that it has a name to IP mapping for that host. Or, add that name to IP mapping into /etc/hosts. The module can't do anything if you tell it to use "radius1" as a RADIUS server, and the don't tell it where "radius1" is on the network. >> We have entry in the /etc

Re: OpenSSH, PAM and pam_radius_auth

2008-01-08 Thread Johan Rydberg
Alan DeKok skrev: PAM does weird things. OpenSSH does weird things. I've noticed that. Things got a bit better by setting the "ChallengeResponseAuthentication" option to no in sshd_config. ~j - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: OpenSSH, PAM and pam_radius_auth

2008-01-08 Thread Alan DeKok
Johan Rydberg wrote: > It seems that OpenSSH first tries to authetnicate the user with an > empty password (""), because if I set an empty password both in the > local /etc/passwd, and on the RADIUS server, sshd is able to establish > credentials for the user. PAM does weird things. OpenSSH doe

Re: OpenSSH, PAM and pam_radius_auth

2008-01-08 Thread Alan DeKok
Sobanbabu Bakthavathsalu wrote: > Hi Johan, > > Its good to hear that you reached up a level where Radius is working fine. > But we are unable to break the jinx, and I am getting the following error > when trying to telnet to the box. The installation and configuration of pam > radius module we

RE: OpenSSH, PAM and pam_radius_auth

2008-01-08 Thread Sobanbabu Bakthavathsalu
Hi Johan, Its good to hear that you reached up a level where Radius is working fine. But we are unable to break the jinx, and I am getting the following error when trying to telnet to the box. The installation and configuration of pam radius module went fine. Could you please help in this rega

Re: OpenSSH, PAM and pam_radius_auth

2008-01-08 Thread Johan Rydberg
[EMAIL PROTECTED] skrev: You have posted a question to the freeradius list and included a debug from - OpenSSH??? Don't you think that freeradius debug would be more helpful? As I stated, authentication in respect to RADIUS works just fine, therefor here's not need for the debug output from pa

Re: OpenSSH, PAM and pam_radius_auth

2008-01-08 Thread tnt
You have posted a question to the freeradius list and included a debug from - OpenSSH??? Don't you think that freeradius debug would be more helpful? Ivan Kalik Kalik Informatika ISP Dana 8/1/2008, "Johan Rydberg" <[EMAIL PROTECTED]> piše: >I'm trying to get RADIUS authentication to work on one