similar to: PAM on OPenBSD for OpenSSH?

Further to my original question about PAM on OpenBSD for OpenSSH, it may be non-trivial to get any PAM stuff onto OpenBSD (Thanks to Ben Lindstrom for his suggestion, which I'll try, using a gnu/loonucks PAM package, any suggestions for which one to use, or where to get it from? I'm not very clueful when it comes to GNU/linux). So, I remember in a past life hacking suport for other auth

I've been through the archive, and not found anything conclusive, except for a problem report of sorts from Theo E. Schlossnag (who has a set of patches for SecurID integration). I'm about to replace some ssh 1.2.26 (I know!) installations with OpenSSH 2.5.1p2, on Solaris 2.6 sparc boxes, and we use SecurID tokens for these boxes. I've compiled up OpenSSH 2.5.1p2 with --with-pam,

Hi all, I'm new to this mailing list, so I apologize if my question is "obsolete" for you. I'd like to know if anybody has a clear idea about how to connect smartcards to the SSH framework. I yet got a modified ssh-agent (by Stephen Pellicer) that uses SSP-Lite (CyberflexAccess driver by me) in order to use the smartcard instead of the HD files. Instead, I'd like to

Hello, Can anyone recommend a pure dedicated US-based hosting with CentOS support? Prefeably one that is flexible when you need to scale the system. Anywhere I can find user-reviews? Thanks, Gustaf -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.centos.org/pipermail/centos/attachments/20061011/0fb21510/attachment-0002.html>

On Tue, 2002-10-29 at 05:01, Hielke Christian Braun wrote: > i am trying to use dovecot with pam and radius. My users have names > in the format joe at somedomain.com. When i have pam configured to use > the normal passwd/shadow files it works fine. With radius it does not. > I see at the radius server that the domain part of my usernames > is always replaced with the same domain

Hi, I'm currently testing dovecot to authenticate user passwords against a radius server, via pam_radius_auth, and that seems to work fine. However, I am running other software (Exim MTA) that also authenticates via radius, using the radiusclient library from: http://www.mcs.de/~lf/radius/ Is there any chance that this library could be used by Dovecot as a further authentication option, and

Hi I am trying to write pam_radius module which talks to RADIUS server for aaa. I see sshd checks /etc/passwd for user list. Since RADIUS server has user list, can sshd ignore this check for RADIUS/TACACS+ authentication, Please suggest if there are any flags to control it. I am using the following versions. OpenSSH_6.6p1, OpenSSL 1.0.2n 7 Dec 2017 I see sssd (NAS) being used for such use

Hi, I am trying to configure ssh/pam to use freeradius as one of the authentication sources on a C6 box. I have freeradius running on a separate box with 2 factor authentication. Using the radtest utility, I can successfully authenticate. My problem is that I do not understand how to configure pam to use radius as an auth source and be sure I am not opening a security hole in my systems. While

Hi ! Sorry to bring back the infamous "NOUSER" in the conversation but I didn't get the workaround on that problem. Firstly, I'm using : - openssh-3.1p1-15 which is the version which comes by default with my Red Hat Linux Advanced Server release 2.1AS. - I'm using PAM, set up to use radius. Please find below the /etc/pam.d/sshd file : #%PAM-1.0 auth

On Wed, 2018-01-03 at 13:50 +0530, Sudarshan Soma wrote: > HI, I do see some refernce on it: but seems not closed > https://marc.info/?l=secure-shell&m=115513863409952&w=2 > > http://bugzilla.mindrot.org/show_bug.cgi?id=1215 > > > Is this patch available in latest versions, 7.6? No. It never was. The SSSD is using NSS (Name Service Switch) [1] way of getting

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi all, sorry to bother you with this. I'm trying to set up an experimental system (which may become production if it ever gets off the ground) and it's not working. The short version: I'm trying to get Dovecot 1.2.4 to authenticate against a customised PAM module. In short, we're using a specialised OTP radius backend. One of my

Greetings all, I'm working on attempting to get SAMBA to work with a product line called CryptoCard. I *should* be able to get it to work one of two ways, either through the use of CryptoCard's provided PAM module, or through RADIUS authentication. Currently, I cannot seem to get PAM authentication to work at all. This is what is in the 'samba' file for PAM: auth

Dear Sirs, I?m writting a pam module for Radius authentication, which should allow a remote login via ssh on a Linux machine with an openssh server. In particular, the user which is configured at the remote Radius server is not present on the local user database of the Linux machine. Unfortunatly, openssh will not allow to start a PAM user authentication if cannot find the user login in the

I've just upgraded to 2.1.0p2 on my solaris 8 boxes (now it survives a little longer, thanks!). But, I'm seeing "scp not found" where before it was fine. configure --prefix=/opt/local --with-random-/dev/random (the entropy generator is still broken), and in the past I had no problems with scp, but AFAIK something's broken in 2.1.0. Is anyone else seeing anything similar?

Sudarshan Soma wrote: > Does sssd/NSS has a way to fetch user names from sources like > RADIUS/TACACS server? My impression is that while this might be theoretically possible, nobody does this. Especially it's not clear to me how you would push group membership to the system. And AFAICS in case of TACACS+ there's also only a single "role" available (translate this to

A while ago I saw some stuff about fixes for the problem with ssh2 and linux (which the FAQ on www.openssh.com is still mentioning but not offering any real solutions for). Is there any news on when/if these fixes will find their way into a release? OpenSSH 2.9p3 perhaps? :) Carl

Hi Everyone, Has anyone tried to configure the ssh service under pam.d to authentication against a radius service? I have compiled and installed the pam_radius_auth module but am unable to get the configurations working properly. Any samples configurations will be appreciated. Thanks. -- "I never look back darling, it distracts from the now", Edna Mode (The Incredibles)

Hi, this is merely FYI, but i would appreciate if someone had any comments or further information on the topic. We were using the following setup : cryptocard easyradius with RB-1 hardware tokens (hex or decimal display, synchronous (quicklog) mode) f-secure ssh with pam radius authentication This worked fine until we updated to openssh 2.9p2. Then all authentications where the response

Hi We use pam to authenticate users password using RADIUS. There is now a requirement to support these RADIUS users through certificate based authentication instead of password. I was thinking whether the current X.509 patch supporting certificate can be modfied to use PAM ?. Or else, Since keyboard interactive uses PAM anyway, Is there any easy way to pass user certificate to pam which can in

http://bugzilla.mindrot.org/show_bug.cgi?id=559 ------- Additional Comments From joerg.albert at gmx.de 2004-02-20 02:35 ------- Hi Frank, > FWIW, I actually have a valid use for that behavior (not just having a > feature for feature's sake). A device that > logs folks in to a single role account, but using individual usernames > and secrets. Via PAM, that's possible