[prev in list] [next in list] [prev in thread] [next in thread]
List: debian-security
Subject: nufw and radius authentication
From: Johann Spies <jspies () sun ! ac ! za>
Date: 2008-06-18 8:58:12
Message-ID: 20080618085812.GC7341 () sun ! ac ! za
[Download RAW message or body]
I want to test the suitability of nufw for our environment and am
struggling to get the radius authentication to work for non-local
users.
I have the following in /etc/pam.d/common-auth:
auth required pam_unix.so nullok_secure
and in /etc/nuauth
auth required /lib/security/pam_env.so
auth sufficient /lib/security/pam_radius_auth.so
auth required /lib/security/pam_deny.so
@include common-auth
When jspies is a local user (and registered in the radius database) I
can use radius to login as jspies:
Message: [7] NuFW TLS Handshaking (last error: 0)
** Message: [6] [+] User "jspies" connected, groups: 1003
** Message: [8] Going to init PostgreSQL connection.
** Message: [8] PostgreSQL init done
When I delete jspies as local user I get :
** Message: [7] NuFW TLS Handshaking (last error: 0)
** Message: [7] Bad password for user "jspies"
** Message: [7] Bad auth from user at sasl.c:159
** Message: Starting SASL negotiation: user not found
** Message: Authentification error: SASL error: invalid credentials (username or password)
** Message: Authentification error: user: jspies@nufw from 127.0.0.1 (port 40155), protocol version 4
Any help to get pass this obstacle will be appreciated.
Regards
Johann
--
Johann Spies Telefoon: 021-808 4036
Informasietegnologie, Universiteit van Stellenbosch
"Jesus said unto her, I am the resurrection, and the
life; he that believeth in me, though he were dead,
yet shall he live." John 11:25
--
To UNSUBSCRIBE, email to debian-security-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic