Random ...
July 2018
1 2 3 4 5 6 7
8 9 10 11 12 13 14
15 16 17 18 19 20 21
22 23 24 25 26 27 28
29 30 31        
Tags ...

Linux++:::: Radius, Meet Pam
Posted at 16.Aug,2006 15:26  Comments 0 / Trackbacks 0 / Like this post!
Technorati tag(s):

How can an application, e.g squid, webmail, etc, authenticate via radius? There are radius plug-ins for some apps.

But the best way to authenticate is via pam. Pam is used by almost every *nix box.

Here's how I installed pam_auth_radius to let my app (webmail) authenticate against a radius server (fereeeradius).

First off, get the pam-radius tarball at freeradius

Untar and make. Move pam_auth_radius.so to /lib/security. then copy the sample pam_auth_radius.conf to /etc/raddb/server. The file should be chmoded 600 and contain at least this line:

  server:port    secret  timeout

Now, add this in /etc/pam.d/appname:

  auth       required     /lib/security/pam_securetty.so
  auth       sufficient   /lib/security/pam_radius_auth.so
  auth       required     /lib/security/pam_unix_auth.so

Now, add the necessary permission in client.conf (for freeradius) at your radius server.

Now, if everything goes according to plan, your app will authenticate against the radius server.

Bookmark and Share

Is this entry helpful? Comments/Donate/Click some google ads.  
Trackback is http://myzope.kedai.com.my/blogs/kedai/97/tbping 

Post a comment