From owner-freebsd-current Sun Feb 2 21:16:19 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id VAA08925 for current-outgoing; Sun, 2 Feb 1997 21:16:19 -0800 (PST) Received: from parkplace.cet.co.jp (parkplace.cet.co.jp [202.32.64.1]) by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id VAA08919 for ; Sun, 2 Feb 1997 21:16:15 -0800 (PST) Received: from localhost (michaelh@localhost) by parkplace.cet.co.jp (8.8.5/CET-v2.1) with SMTP id FAA06801; Mon, 3 Feb 1997 05:15:33 GMT Date: Mon, 3 Feb 1997 14:15:33 +0900 (JST) From: Michael Hancock To: David Langford cc: msmith@atrad.adelaide.edu.au, davidn@unique.usn.blaze.net.au, terry@lambert.org, joerg_wunsch@uriah.heep.sax.de, freebsd-current@freebsd.org Subject: Re: login.conf - radius client (was Re: getty patches) In-Reply-To: <199702030506.TAA06653@caliban.dihelix.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-current@freebsd.org X-Loop: FreeBSD.org Precedence: bulk On Sun, 2 Feb 1997, David Langford wrote: > >> I am _particularly_ interested in this, as I have a couple of (paying) > >> ISP customers who very much want to integrate user logins to BSD > >> machines with their radius authentication environment. > >> > > > >This would be very interesting indeed. Centralized authentication to a > >radiusd box for everything; an ASCEND box, a FreeBSD PPP server, a > >FreeBSD client PC, etc. > > I have also seen versions of POP servers that can use msql for user > lists. > > The question I've also had was with regards to sendmail. > How does sendmail know that users exist if one uses RADIUS or some > other "non-traditional" way of user authentication??? [Workaround] Run sendmail on the same box where radiusd is. [Ideal solution] It's completely transparent to sendmail. The authentication calls do the right thing depending on which authentication method is used. [Less than ideal solution] sendmail is hacked to be radius-aware like the recent LDAP support is done. Regards, Mike