Date: Thu, 21 Apr 2005 18:12:31 +0100 (BST) From: Vince Hoffman <jhary@unsane.co.uk> To: freebsd-questions@freebsd.org Subject: pam_radius and ssh Message-ID: <20050421154545.D18353@unsane.co.uk>
next in thread | raw e-mail | index | archive | help
Hi all, I've been looking into using the pam_radius pam module and have been trying out the template_user feature as this would ease the administrative burden in our setup, (it allows a user to be specified as a template if the radius user does not have a local account.) I can get it to work fine for login and telnetd, but sshd seems to have a problem. If a local user with the same name as the radius user exists then no problem, if not then the template_user should kick in, however it doesnt, in fact if the user does not exist localy then the pam_radius module is never even invoked, or at least it never sends any query to the radius server. I'm guessing that sshd checks for a valid user even when its using PAM authentication and halts any further progress. Is there any way to turn this off? thank, Vince
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050421154545.D18353>