(RADIATOR) Re: Radiatior and PAM authentication for Kerberos 5
Forbes Mike
Mike.Forbes at Colorado.EDU
Fri Aug 31 22:58:42 CDT 2001
I think I fixed the problem (wan't running radiator as root). I am
interested if this is how are other are
doing kerb.
Thanks,
Mike Forbes
On Fri, 31 Aug 2001, Forbes Mike wrote:
>
> I am using Radiatior on Redhat 7.1 with PAM authentication. I have the
> radius.cfg as
> follows:
>
> <Realm DEFAULT>
> <AuthBy PAM>
> Service radiusd
> </AuthBy>
>
> # Log accounting to a detail file
> AcctLogFileName %L/detail
> </Realm>
>
> <Client x.x.x.x>
> Secret mysecret
> NasType Cisco
> DupInterval 0
> </Client>
>
>
> more /etc/pam.d/radiusd
> auth required /lib/security/pam_krb5.so
>
> I get the following /var/messages
>
> Aug 31 21:10:54 radii perl: pam_krb5: authentication succeeds for forbeskm
>
> I get the following from radius logfile
>
> Fri Aug 31 21:10:54 2001: DEBUG: Handling request with Handler
> 'Realm=DEFAULT'
> Fri Aug 31 21:10:54 2001: DEBUG: Deleting session for forbeskm,
> x.x.x.x, 3
> Fri Aug 31 21:10:54 2001: DEBUG: Handling with PAM service radiusd
> Fri Aug 31 21:10:54 2001: DEBUG: PAM is asking for 'Password'
> Fri Aug 31 21:10:54 2001: INFO: Access rejected for forbeskm:
> Authentication service cannot retrieve authentication info.:
> Fri Aug 31 21:10:54 2001: DEBUG: Packet dump:
>
>
> Why is this failing, is it my krb5.conf that may be misconfigured. I did
> not have any luck with getting more debug info from putting debug = true
> in the [pam] section.
>
> Anybody else doing kerb5 authentication with the radiator??
>
> Thanks,
>
> Mike Forbes
>
>
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list