[RADIATOR] All RADIUS servers failed to respond

Cover, Christopher R. CTR Christopher.Cover.ctr at med.navy.mil
Wed Feb 11 13:50:03 CST 2015 

Using Radiator server...

-----Original Message-----
From: radiator-bounces at open.com.au [mailto:radiator-bounces at open.com.au] On
Behalf Of Michael
Sent: Wednesday, February 11, 2015 2:43 PM
To: Cover, Christopher R. CTR; Radiator (radiator at open.com.au)
Subject: Re: [RADIATOR] All RADIUS servers failed to respond

I think maybe you have the wrong mailing list?  This mailing list is for
Radiator.



On 11/02/15 02:38 PM, Cover, Christopher R. CTR wrote:


	So sorry to display my ignorance, but I am having difficulty
diagnosing why
	we cannot authenticate with RADIUS.
	I wonder if these clues might ring a bell with anyone with more
experience.
	Thank you very much in advance for any clues.
	
	We are using Redhat Enterprise Linux 6.6, and the PAM module,
pam_radius,
	version 1.4.0 from FreeRADIUS.org
(http://freeradius.org/pam_radius_auth/).
	It was compiled by itself, apart from the FreeRADIUS server.
	
	Our PAM configuration (/etc/pam.d/sshd):
	
	#%PAM-1.0
	auth       required     pam_sepermit.so
	auth       sufficient   /usr/local/lib64/security/pam_radius_auth.so
debug
	client_id=sshsv
	auth       include      password-auth
	
	Our pam_radius module configuration (/etc/raddb/server):
	
	xxx.xxx.xxx.150:1645 $3cr3t 3
	xxx.xxx.xxx.151:1645 $3cr3t 3
	
	Yet, invariably we receive the following from /var/log/secure:
	
	Feb 11 13:34:41 client-host sshd[16967]: Invalid user testuser from
	xxx.xxx.xxx.7
	Feb 11 13:34:41 client-host sshd[16970]: input_userauth_request:
invalid
	user testuser
	Feb 11 13:34:50 client-host sshd[16967]: pam_radius_auth: Got user
name
	testuser
	Feb 11 13:34:50 client-host sshd[16967]: pam_radius_auth: ignore
last_pass,
	force_prompt set
	Feb 11 13:34:50 client-host sshd[16967]: pam_radius_auth: Sending
RADIUS
	request code 1
	Feb 11 13:34:53 client-host sshd[16967]: pam_radius_auth: RADIUS
server
	xxx.xxx.xxx.150 failed to respond
	Feb 11 13:34:56 client-host sshd[16967]: pam_radius_auth: RADIUS
server
	xxx.xxx.xxx.151 failed to respond
	Feb 11 13:34:56 client-host sshd[16967]: pam_radius_auth: All RADIUS
servers
	failed to respond.
	Feb 11 13:34:56 client-host sshd[16967]: pam_radius_auth:
authentication
	failed
	Feb 11 13:34:56 client-host sshd[16967]: pam_unix(sshd:auth): check
pass;
	user unknown
	Feb 11 13:34:56 client-host sshd[16967]: pam_unix(sshd:auth):
authentication
	failure; logname= uid=0 euid=0 tty=ssh ruser=rhost=remote-host
	
	Have we missed something obvious?
	

	 
	
	_______________________________________________
	radiator mailing list
	radiator at open.com.au
	http://www.open.com.au/mailman/listinfo/radiator


-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5671 bytes
Desc: not available
Url : http://www.open.com.au/pipermail/radiator/attachments/20150211/9aea13b1/attachment-0001.bin

More information about the radiator mailing list