Re: [Help-gnu-radius] PAM

help-gnu-radius

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Help-gnu-radius] PAM

From:	Roger E McClurg
Subject:	Re: [Help-gnu-radius] PAM
Date:	Fri, 1 Aug 2003 10:32:56 -0400

Sergey,

I only had an auth statement. I tried adding a password statement as well 
and permit worked. My end game is SecurID authentication through Radius 
using RSA's PAM module. Once I got permit working I moved to Unix system 
logon. I got that working too. Now I'm trying to get the SecurID PAM 
working. Of course it is giving me fits. 

I am accessing Radius from a Nortel Contivity VPN concentrator. I set the 
authentication on the Contivity to PAP UserID and Password so that it 
would pass the credentials to Radius in clear text.

The Radius PAM file and the radius.debug log excerpts are below. If you 
have any suggestions, I would love to hear them.

Roger

> /etc/pam.d/radius
#%PAM-1.0
auth              required     pam_securid.so     debug
password   required     pam_securid.so     debug


>radius.debug

Jul 31 16:58:36 auth.c:451:rad_auth_init: checking username: n2h101
Jul 31 16:58:36 auth.c:713:rad_authenticate: auth: n2h101
Jul 31 16:58:36 auth.c:313:rad_check_password: auth_type=253, 
userpass=103350792, name=n2h101, password=NONE
Jul 31 16:58:36 auth.c:324:rad_check_password:   auth: Pam
Jul 31 16:58:36 pam.c:118:pam_pass: username [n2h101], pamauth [radius]
Jul 31 16:58:36 pam.c:123:pam_pass: pam_start: 0
Jul 31 16:58:39 auth.c:451:rad_auth_init: checking username: n2h101
Jul 31 16:58:39 auth.c:713:rad_authenticate: auth: n2h101
Jul 31 16:58:39 auth.c:313:rad_check_password: auth_type=253, 
userpass=103350792, name=n2h101, password=NONE
Jul 31 16:58:39 auth.c:324:rad_check_password:   auth: Pam
Jul 31 16:58:39 pam.c:118:pam_pass: username [n2h101], pamauth [radius]
Jul 31 16:58:39 pam.c:123:pam_pass: pam_start: 0
Jul 31 16:58:42 auth.c:451:rad_auth_init: checking username: nm1101
Jul 31 16:58:42 auth.c:713:rad_authenticate: auth: n2h101
Jul 31 16:58:42 auth.c:313:rad_check_password: auth_type=253, 
userpass=103350792, name=n2h101, password=NONE
Jul 31 16:58:42 auth.c:324:rad_check_password:   auth: Pam
Jul 31 16:58:42 pam.c:118:pam_pass: username [nm1101], pamauth [radius]
Jul 31 16:58:42 pam.c:123:pam_pass: pam_start: 0








Sergey Poznyakoff <gray
@Mirddin.farlep.net>
08/01/2003 03:26 AM

 
        To:     Roger E McClurg/CEG/address@hidden
        cc:     "help-gnu-radius" <address@hidden>
        Subject:        Re: [Help-gnu-radius] PAM


Hi Roger,

> I have PAM compiled in but can't seem to get it to work. Even 
> pam_permit.so fails. Debug shows the old "Password=NONE" problem 
(although 
> I don't know why permit would need one).

What exactly do you have in your PAM config and what messages do you
see in radius logs/debugs?

Regards,
Sergey

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [Help-gnu-radius] PAM, Sergey Poznyakoff, 2003/08/01
- Re: [Help-gnu-radius] PAM, Roger E McClurg <=
  - Re: [Help-gnu-radius] PAM, Sergey Poznyakoff, 2003/08/02

Prev by Date: Re: [Help-gnu-radius] %C{Framed-IP-Address} macro fails in acct_start_qIn-reply-to: Your message of Thu, 31 Jul 2003 16:22:08 +0400 <address@hidden>
Next by Date: [Help-gnu-radius] Radius DOES NOT work with MD5 hashed password
Previous by thread: Re: [Help-gnu-radius] PAM
Next by thread: Re: [Help-gnu-radius] PAM
Index(es):
- Date
- Thread