OpenSSH and pam_radius_auth.so

Michael Haverkamp mhaverkamp at kcp.com
Wed Mar 24 03:56:49 EST 2004 

Is upgrading PuTTY an option?  I have had problems with PuTTY 0.52 and 
recent versions of OpenSSH.  I believe it is because PuTTY 0.52 does not 
support KbdInteractive.  PuTTY 0.53b or newer should work.

Paul Abel wrote:
> Hi,
> 
> I have recently upgraded from OpenSSH-3.5 to OpenSSH-3.8 on my Red Hat 6.2 servers.  I use radius (pam_radius_auth) for ssh authentication.  Since the upgrade ssh1 (putty 0.52) logins are failing.  I've come to the conclusion that pam is skipping the radius section of the config file and is falling back to standard unix authentication.
> 
> Is there any way of making ssh1 work with radius on recent versions of OpenSSH?
> 
> Here is my pam config file:
> 
> #%PAM-1.0
> auth       sufficient   /lib/security/pam_radius_auth.so debug
> auth       required     /lib/security/pam_pwdb.so shadow nodelay
> auth       required     /lib/security/pam_nologin.so
> account    sufficient   /lib/security/pam_radius_auth.so
> account    required     /lib/security/pam_pwdb.so
> password   sufficient   /lib/security/pam_radius_auth.so
> password   required     /lib/security/pam_pwdb.so shadow nullok use_authtok
> session    required     /lib/security/pam_pwdb.so
> session    required     /lib/security/pam_limits.so
> 
> Thanks,
> Paul Abel
> 
> 
> This E-mail message, including any attachments, is intended only for the person or entity to which it is addressed, and may contain confidential information. If you are not the intended recipient, any review, retransmission, disclosure, copying, modification or other use of this E-mail message or attachments is strictly forbidden. If you have received this E-mail message in error, please contact the author and delete the message and any attachments from your computer. You are also advised that the views and opinions expressed in this E-mail message and any attachments are the author's own, and may not reflect the views and opinions of Digital Interactive Television Group.
> 
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev at mindrot.org
> http://www.mindrot.org/mailman/listinfo/openssh-unix-dev

-- 
Michael Haverkamp

More information about the openssh-unix-dev mailing list