[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: login_radius
First of all I would try to run radius with some sort of debug to see if
it does get requests at all. Also, check radius password on both sides.
I use similar setup without problems.
Petr R.
Tero Ripattila [tero@ripattila.com] wrote:
> Hello all,
>
> I am trying to use login_radius authentication class to authenticate my
> users agains a freeradius setup running on another OpenBSD setup.
>
> I placed following lines to configuration files like suggested on the
> man page
> <http://www.openbsd.org/cgi-bin/man.cgi?query=login.conf&apropos=0&sektion=0&manpath=OpenBSD+3.5&arch=i386&format=>:
>
> $ cat /etc/login.conf
>
> radius:\
> :requirehome@:\
> :auth=radius:\
> :radius-server=192.168.0.11:\
> :radius-timeout=1:\
> :radius-retries=5:
>
> $ ls -l /etc/raddb
>
> drwxr-xr-x 2 root _radius 512 May 2 23:12 raddb
>
> $ ls -l /etc/raddb/server
>
> -rw-r----- 1 root _radius 23 May 2 23:11 servers
>
> $ cat /etc/raddb/servers
>
> 192.168.0.11 foo
>
> I connected a test user to radius-based authentication class:
>
> $ userinfo foo
>
> login foo
> passwd *
> uid 1001
> groups users ssh
> change NEVER
> class radius
> gecos Test User
> dir /home/foo
> shell /usr/local/bin/bash
> expire NEVER
>
> And when I try to ssh to this computer using the test account created, I
> get failed password errors:
>
> $ cat /var/log/auth
>
> May 2 23:48:37 kanki sshd[19713]: Failed password for foo from
> 192.168.0.12 port 4898 ssh2
>
> I checked Freeradius logs and there were no login attempts at all. What
> have I done wrong ?
>
> Best regards,
> Tero