carl at bl.echidna.id.au
2000-Jul-07 01:56 UTC
radius support? (was Re: PAM on OPenBSD for OpenSSH?
Further to my original question about PAM on OpenBSD for OpenSSH, it may be non-trivial to get any PAM stuff onto OpenBSD (Thanks to Ben Lindstrom for his suggestion, which I'll try, using a gnu/loonucks PAM package, any suggestions for which one to use, or where to get it from? I'm not very clueful when it comes to GNU/linux). So, I remember in a past life hacking suport for other auth into erpcd (Annex TS's), and it wasn't rocket science to do, so I'd have to guess that hacking a radius client into openSSH wouldn't be too hard either? I've had the Merit one suggested, but before I do anything, is anyone 1. working on this already? 2. interested in doing this (ie: should I pass my hacks back to the OpenSSH maintainers to include/laugh at?) 3. know of a better way to get OpenSSH's daemon to authenticate against a remote radius server? thanks again Carl
Nalin Dahyabhai
2000-Jul-07 18:04 UTC
radius support? (was Re: PAM on OPenBSD for OpenSSH?
On Fri, Jul 07, 2000 at 11:56:29AM +1000, carl at bl.echidna.id.au wrote:> Further to my original question about PAM on OpenBSD for OpenSSH, > it may be non-trivial to get any PAM stuff onto OpenBSD (Thanks > to Ben Lindstrom for his suggestion, which I'll try, using a > gnu/loonucks PAM package, any suggestions for which one to use, or > where to get it from? I'm not very clueful when it comes to GNU/linux).The official home site is http://www.kernel.org/pub/linux/libs/pam/, though there's some stuff going on at http://pam.sourceforge.net/. Some tweaking of (or creation of an entirely new) .defs file will probably be necessary to build it properly on OpenBSD. Nalin
On Fri, 7 Jul 2000 carl at bl.echidna.id.au wrote:> 3. know of a better way to get OpenSSH's daemon to authenticate > against a remote radius server?It depends on what you are after - do you still want to have local accounts in /etc/master.passwd? or do you want to fetch that as well? -d -- | "Bombay is 250ms from New York in the new world order" - Alan Cox | Damien Miller - http://www.mindrot.org/ | Email: djm at mindrot.org (home) -or- djm at ibs.com.au (work)