(RADIATOR) Radiatior and PAM authentication for Kerberos 5

Hugh Irvine hugh at open.com.au
Sat Sep 1 01:57:07 CDT 2001 

Hello Mike -

Have you done everything that is mentioned in section 6.37 of the 
Radiator reference manual?

I have also copied this to Mike for his comments.

regards

Hugh


At 21:25 -0600 01/8/31, Forbes Mike wrote:
>I am using Radiatior on Redhat 7.1 with PAM authentication.  I have the
>radius.cfg as
>follows:
>
><Realm DEFAULT>
>         <AuthBy PAM>
>         Service radiusd
>         </AuthBy>
>
>         # Log accounting to a detail file
>         AcctLogFileName %L/detail
></Realm>
>
><Client x.x.x.x>
>         Secret  mysecret
>         NasType Cisco
>         DupInterval 0
></Client>
>
>
>more /etc/pam.d/radiusd
>auth     required       /lib/security/pam_krb5.so
>
>I get the following /var/messages
>
>Aug 31 21:10:54 radii perl: pam_krb5: authentication succeeds for forbeskm
>
>I get the following from radius logfile
>
>Fri Aug 31 21:10:54 2001: DEBUG: Handling request with Handler
>'Realm=DEFAULT'
>Fri Aug 31 21:10:54 2001: DEBUG:  Deleting session for forbeskm,
>x.x.x.x, 3
>Fri Aug 31 21:10:54 2001: DEBUG: Handling with PAM service radiusd
>Fri Aug 31 21:10:54 2001: DEBUG: PAM is asking for 'Password'
>Fri Aug 31 21:10:54 2001: INFO: Access rejected for forbeskm:
>Authentication service cannot retrieve authentication info.:
>Fri Aug 31 21:10:54 2001: DEBUG: Packet dump:
>
>
>Why is this failing, is it my krb5.conf that may be misconfigured.  I did
>not have any luck with getting more debug info from putting debug = true
>in the [pam] section.
>
>Anybody else doing kerb5 authentication with the radiator??
>
>Thanks,
>
>Mike Forbes
>
>===
>Archive at http://www.open.com.au/archives/radiator/
>Announcements on radiator-announce at open.com.au
>To unsubscribe, email 'majordomo at open.com.au' with
>'unsubscribe radiator' in the body of the message.

-- 

NB: I am travelling this week, so there may be delays in our correspondence.

Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc.
Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list