similar to: PAM Module:Openssh and Tacacs+ Question

http://bugzilla.mindrot.org/show_bug.cgi?id=1215 Jesse Zbikowski <embeddedlinuxguy at gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |embeddedlinuxguy at gmail.com --- Comment #7 from Jesse Zbikowski <embeddedlinuxguy at

Hello, I have the following problem: I have installed openssh-1.2.2 on FreeBSD 3.4-RELEASE. I intentionally did not took the FreeBSD port because it does not support PAM. My aim is to make sshd authenticate against a TACACS+ server using the pam_tacplus.so module shipped with FreeBSD. That works perfectly with this line in my /etc/pam.conf: login auth sufficient pam_tacplus.so

Hi All, is there an RPM for it for CentOS.? I tried "yum install tacacs+" but got nothing. I also checked dags repo and found nothing. Cheers. Mark Sargent.

Is there any working solution to proxy tacacs+ to radius server? (it can be commercial too?) I found this old project: http://portal-to-web.de/tacacs/, but it is a bit antique? -- Eero

Sudarshan Soma wrote: > Does sssd/NSS has a way to fetch user names from sources like > RADIUS/TACACS server? My impression is that while this might be theoretically possible, nobody does this. Especially it's not clear to me how you would push group membership to the system. And AFAICS in case of TACACS+ there's also only a single "role" available (translate this to

Hi, I am Vishwanath, I got one requirement from our clients regarding remote authentication. In which all users info present in remote user database. Currently using openssh for SSH connections. To open a new remote session via SSH, the openssh will look into the /etc/passwd file. If user present then it will allow to login using password or key authentication. But in my case all user info is

Hi I am trying to write pam_radius module which talks to RADIUS server for aaa. I see sshd checks /etc/passwd for user list. Since RADIUS server has user list, can sshd ignore this check for RADIUS/TACACS+ authentication, Please suggest if there are any flags to control it. I am using the following versions. OpenSSH_6.6p1, OpenSSL 1.0.2n 7 Dec 2017 I see sssd (NAS) being used for such use

On Wed, 2018-01-03 at 13:50 +0530, Sudarshan Soma wrote: > HI, I do see some refernce on it: but seems not closed > https://marc.info/?l=secure-shell&m=115513863409952&w=2 > > http://bugzilla.mindrot.org/show_bug.cgi?id=1215 > > > Is this patch available in latest versions, 7.6? No. It never was. The SSSD is using NSS (Name Service Switch) [1] way of getting

Hi We recenlty ugraded to openssh-3.7.1p2. Our architecture is ssh daemon uses pam module which sends request to remote radius/tacacs+ servers based on configuration. Now if I create the user in /etc/passwd, then ssh daemon calls pam and everthing works fine. But if the user is not present in /etc/passwd, then ssh daemon is not calling pam. The debug log is given below. All these

Any good source to tac_plus server for centos 6? thanks, -- Eero

Hi, Thanks for the replay. This is the platform which we are using. Distributor ID: Debian Description: Debian GNU/Linux 8.2 (jessie) Release: 8.2 Codename: jessie Regards, Vishwanath KC +918892599848. On Tue, Jan 24, 2017 at 11:16 AM, Darren Tucker <dtucker at zip.com.au> wrote: > On Tue, Jan 24, 2017 at 4:17 PM, Vishwanath KC <vicchi.cit at gmail.com> >

I want to configure secure shell access to a Linux machine where allowed users are stored in an sqlite3 database and not in the /etc/passwd, /etc/shadow and /etc/group. I use PAM for user authentication. In this case I use libpam_sqlite<https://github.com/sangeeths/libpam-sqlite/blob/master/README_pam_sqlite3>which performs PAM actions like auth, account, password, etc on user data stored in

Hi ! I'm trying to authenticate users on a Linux Red hat AS 2.1 against a radius server. I have upgraded my OpenSSHd to : OpenSSH_4.2p1, OpenSSL 0.9.6b [engine] 9 Jul 2001 The users accounts are NOT stored locally on the sever (no accounts in /etc/passwd ). Users ssh to the box : ssh test at testserver.com passwd: test I'm usign PAM to direct the authentication request to the radius

http://bugzilla.mindrot.org/show_bug.cgi?id=1269 Summary: PAM Callback returns garbage if user unknown or root with disabled login in ssh-config Product: Portable OpenSSH Version: v4.5p1 Platform: Other OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: PAM support

Howdy list, Sorry if this is a frequently discussed topic, or an off-topic question, but I couldn't find much info about my question by performing quick searches in the archives, and my question is pretty tightly related to security... Background: =========== I have a number of FreeBSD machines. Most are 4.x, but a few are 5.x (mainly the testing/devel machines). I also have a single Red