Date: Thu, 6 Jan 2011 08:05:05 -0800 (PST) From: gahn <ipfreak@yahoo.com> To: Bill Moran <wmoran@potentialtech.com>, Indexer <indexer@internode.on.net> Cc: freebsd general questions <freebsd-questions@freebsd.org> Subject: Re: freebsd and Message-ID: <836594.49162.qm@web130206.mail.mud.yahoo.com> In-Reply-To: <22B48F74-6976-4DCB-8F3C-CE0D0D425173@internode.on.net>
index | next in thread | previous in thread | raw e-mail
thanks. i am looking into the suggestions. best gahn --- On Wed, 1/5/11, Indexer <indexer@internode.on.net> wrote: > From: Indexer <indexer@internode.on.net> > Subject: Re: freebsd and > To: "Bill Moran" <wmoran@potentialtech.com> > Cc: "gahn" <ipfreak@yahoo.com>, "freebsd general questions" <freebsd-questions@freebsd.org> > Date: Wednesday, January 5, 2011, 4:53 PM > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > > On 06/01/2011, at 07:02, Bill Moran wrote: > > > > > (don't see why this was on -current) > > > > In response to gahn <ipfreak@yahoo.com>: > >> hi all: > >> > >> i set up the freeradius 21.100.1 on freebsd 8.1. > it uses local authentication database of /etc/passwd (thanks > to the previous discussions alan did with others). the > problem is: it only works with the condition of the server > id running as "root" instead of "freeradius" due to the one > way MD5 hash of /etc/passwd file. > >> > >> are there any other better ways to implement > this? > > > > a) Put the Radius server in a jail, so it can run as > root without all the > > security concerns. > > b) Use something other than /etc/passwd > authentication > > > > Cant radius use pam? perhaps you should look into that. > > It may be a pain though, freeradius is largely > undocumented, and what documentation exists is often > incomplete, incorrect and full of people touting "IT JUST > WORKS" when 99% of the time, It never works. Once you figure > it out however, its great. I would highly recommend putting > your raddb into a version control system. > > > -- > > Bill Moran > > http://www.potentialtech.com > > http://people.collaborativefusion.com/~wmoran/ > > _______________________________________________ > > freebsd-questions@freebsd.org > mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" > > William Brown > > pgp.mit.edu > > > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG/MacGPG2 v2.0.16 (Darwin) > > iQIcBAEBAgAGBQJNJRKdAAoJEHF16AnLoz6Je6YP/j5sfpXOReiyviyNututzGfA > dS+/6MoBfumuzdLAxTZ5gCJ4r7hIWJSbl0vPbt8zDbigcGJKcuT63dfdeAsV/7vu > /0KqeC1HbrS5mXB2bVVjUvxgm+LbTlTrS8pIkS3A1jWSvvYgqb5ABXL2gXDARJig > pQ5Ehw/mJsgNNmYOrHD1FV5H1/0s0arXSK6rK/sJa7qBIyuLvfuatfK2NOFlPAr5 > ST1UqvGrEVP5vA4GGO3+l4m7CBIuzVBuVaLpTpsHUXcdjxoB0bgZrR6se42z7VFo > PgClT1bKv/Ht8rD9EO6oRpASAHB89/K1HpNvHbV9KT+veuKcla0xVPilpyt+XMES > c4iDxwOBzml+N6QPiGdD9+GhfvZbg2JBgHoGYFXclyDJFceiDVkMgTWN75miB+d4 > tMTZbtwkQNoobRmp/BCAlVqRJC3dUQeVqDSAUkuMf6ZU0WQWfh6g8qtGb0IA5mWH > u0mRbBacEr4kx3bSeIzCb09DJMkDFmb1/kaQPVqUEYpU+ggW8yLV5sz/vdomdpRB > 6hUfcXHnGK/GY4FsMPHaLTWghHdG6cFv8XwM/8ftsrCTtJYl0mD8xzSxqeTBCrua > VPHcZ0d4gxe7reylYZfp8NqTAK96JBkRqEoTtYyi6Oiy8kbolY8SHiok98o/uydT > nGM30URjS7EC7oSyL4N5 > =ppAO > -----END PGP SIGNATURE----- >help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?836594.49162.qm>