Date: Thu, 6 Jan 2011 08:05:05 -0800 (PST) From: gahn <ipfreak@yahoo.com> To: Bill Moran <wmoran@potentialtech.com>, Indexer <indexer@internode.on.net> Cc: freebsd general questions <freebsd-questions@freebsd.org> Subject: Re: freebsd and Message-ID: <836594.49162.qm@web130206.mail.mud.yahoo.com> In-Reply-To: <22B48F74-6976-4DCB-8F3C-CE0D0D425173@internode.on.net>
next in thread | previous in thread | raw e-mail | index | archive | help
thanks. i am looking into the suggestions.=0A=0Abest=0A=0Agahn=0A=0A--- On = Wed, 1/5/11, Indexer <indexer@internode.on.net> wrote:=0A=0A> From: Indexer= <indexer@internode.on.net>=0A> Subject: Re: freebsd and=0A> To: "Bill Mora= n" <wmoran@potentialtech.com>=0A> Cc: "gahn" <ipfreak@yahoo.com>, "freebsd = general questions" <freebsd-questions@freebsd.org>=0A> Date: Wednesday, Jan= uary 5, 2011, 4:53 PM=0A> -----BEGIN PGP SIGNED MESSAGE-----=0A> Hash: SHA1= =0A> =0A> =0A> On 06/01/2011, at 07:02, Bill Moran wrote:=0A> =0A> > =0A> >= (don't see why this was on -current)=0A> > =0A> > In response to gahn <ipf= reak@yahoo.com>:=0A> >> hi all:=0A> >> =0A> >> i set up the freeradius 21.1= 00.1 on freebsd 8.1.=0A> it uses local authentication database of /etc/pass= wd (thanks=0A> to the previous discussions alan did with others). the=0A> p= roblem is: it only works with the condition of the server=0A> id running as= "root" instead of "freeradius" due to the one=0A> way MD5 hash of /etc/pas= swd file.=0A> >> =0A> >> are there any other better ways to implement=0A> t= his?=0A> > =0A> > a) Put the Radius server in a jail, so it can run as=0A> = root without all the=0A> >=A0=A0=A0security concerns.=0A> > b) Use somethin= g other than /etc/passwd=0A> authentication=0A> > =0A> =0A> Cant radius use= pam? perhaps you should look into that. =0A> =0A> It may be a pain though,= freeradius is largely=0A> undocumented, and what documentation exists is o= ften=0A> incomplete, incorrect and full of people touting "IT JUST=0A> WORK= S" when 99% of the time, It never works. Once you figure=0A> it out however= , its great. I would highly recommend putting=0A> your raddb into a version= control system. =0A> =0A> > -- =0A> > Bill Moran=0A> > http://www.potentia= ltech.com=0A> > http://people.collaborativefusion.com/~wmoran/=0A>; > ______= _________________________________________=0A> > freebsd-questions@freebsd.o= rg=0A> mailing list=0A> > http://lists.freebsd.org/mailman/listinfo/freebsd= -questions=0A> > To unsubscribe, send any mail to "freebsd-questions-unsubs= cribe@freebsd.org"=0A> =0A> William Brown=0A> =0A> pgp.mit.edu=0A> =0A> =0A= > =0A> -----BEGIN PGP SIGNATURE-----=0A> Version: GnuPG/MacGPG2 v2.0.16 (Da= rwin)=0A> =0A> iQIcBAEBAgAGBQJNJRKdAAoJEHF16AnLoz6Je6YP/j5sfpXOReiyviyNutut= zGfA=0A> dS+/6MoBfumuzdLAxTZ5gCJ4r7hIWJSbl0vPbt8zDbigcGJKcuT63dfdeAsV/7vu= =0A> /0KqeC1HbrS5mXB2bVVjUvxgm+LbTlTrS8pIkS3A1jWSvvYgqb5ABXL2gXDARJig=0A> p= Q5Ehw/mJsgNNmYOrHD1FV5H1/0s0arXSK6rK/sJa7qBIyuLvfuatfK2NOFlPAr5=0A> ST1UqvG= rEVP5vA4GGO3+l4m7CBIuzVBuVaLpTpsHUXcdjxoB0bgZrR6se42z7VFo=0A> PgClT1bKv/Ht8= rD9EO6oRpASAHB89/K1HpNvHbV9KT+veuKcla0xVPilpyt+XMES=0A> c4iDxwOBzml+N6QPiGd= D9+GhfvZbg2JBgHoGYFXclyDJFceiDVkMgTWN75miB+d4=0A> tMTZbtwkQNoobRmp/BCAlVqRJ= C3dUQeVqDSAUkuMf6ZU0WQWfh6g8qtGb0IA5mWH=0A> u0mRbBacEr4kx3bSeIzCb09DJMkDFmb= 1/kaQPVqUEYpU+ggW8yLV5sz/vdomdpRB=0A> 6hUfcXHnGK/GY4FsMPHaLTWghHdG6cFv8XwM/= 8ftsrCTtJYl0mD8xzSxqeTBCrua=0A> VPHcZ0d4gxe7reylYZfp8NqTAK96JBkRqEoTtYyi6Oi= y8kbolY8SHiok98o/uydT=0A> nGM30URjS7EC7oSyL4N5=0A> =3DppAO=0A> -----END PGP= SIGNATURE-----=0A> =0A=0A=0A
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?836594.49162.qm>