(RADIATOR) Radiatior and PAM authentication for Kerberos 5
Forbes Mike
Mike.Forbes at Colorado.EDU
Fri Aug 31 22:25:50 CDT 2001
I am using Radiatior on Redhat 7.1 with PAM authentication. I have the
radius.cfg as
follows:
<Realm DEFAULT>
<AuthBy PAM>
Service radiusd
</AuthBy>
# Log accounting to a detail file
AcctLogFileName %L/detail
</Realm>
<Client x.x.x.x>
Secret mysecret
NasType Cisco
DupInterval 0
</Client>
more /etc/pam.d/radiusd
auth required /lib/security/pam_krb5.so
I get the following /var/messages
Aug 31 21:10:54 radii perl: pam_krb5: authentication succeeds for forbeskm
I get the following from radius logfile
Fri Aug 31 21:10:54 2001: DEBUG: Handling request with Handler
'Realm=DEFAULT'
Fri Aug 31 21:10:54 2001: DEBUG: Deleting session for forbeskm,
x.x.x.x, 3
Fri Aug 31 21:10:54 2001: DEBUG: Handling with PAM service radiusd
Fri Aug 31 21:10:54 2001: DEBUG: PAM is asking for 'Password'
Fri Aug 31 21:10:54 2001: INFO: Access rejected for forbeskm:
Authentication service cannot retrieve authentication info.:
Fri Aug 31 21:10:54 2001: DEBUG: Packet dump:
Why is this failing, is it my krb5.conf that may be misconfigured. I did
not have any luck with getting more debug info from putting debug = true
in the [pam] section.
Anybody else doing kerb5 authentication with the radiator??
Thanks,
Mike Forbes
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list