[prev in list] [next in list] [prev in thread] [next in thread] 

List:       cistron-radius
Subject:    Re: Blocking users when using auth=SYSTEM
From:       miquels () cistron-office ! nl (Miquel van Smoorenburg)
Date:       2001-07-20 11:10:22
[Download RAW message or body]

In article <Pine.LNX.3.96.1010720193704.5153A-100000@ace.cnl.com.au>,
Mervyn Jack  <mervynj@cnl.com.au> wrote:
>On Fri, 20 Jul 2001 timbo@datafast.net.au wrote:
>
>> validating them against the Unix accounts.  In addition, there's some people 
>> with valid accounts on the unix box who we DON'T want dialing in via RAS.
>> 
>
>We simply put in some entries in the /etc/raddb/users file with an invalid
>un guessable password. Authentication fails as soon as the username is
>found.
>
>example..
>
>lemmein	Password = "no-way-^%^43627"

It would be better to use "Auth-Type = Reject"

>While I'm at it, what's the difference between the above line and this
>one?
>
>lemmein	Auth-Type = Local, Password = "no-way-^%^43627"

Nothing really, if you leave out Auth-Type it will default to Local.

Mike.
-- 
"dselect has a user interface which scares small children"
	-- Theodore Tso, on debian-devel


- 
List info/subscribe/unsubscribe? See http://www.radius.cistron.nl/list/

[prev in list] [next in list] [prev in thread] [next in thread]