openssh with radius server unreachable
Pascal Henri
pascal.henri at alcatel.fr
Fri Nov 10 00:30:18 EST 2006
Hello,
I think to have find a small pb with openssh when a Radius server is
unreachable.
I use radius authentication with pam my system-auth is the following
auth [success=done auth_err=die default=ignore]
/lib/security/pam_radius_auth.so try_first_pass debug
auth [success=ignore auth_err=ignore default=ignore] pam_nologin.so
file=/etc/raddb/radiusfailure
auth required /lib/security/pam_unix.so likeauth nullok md5 shadow
auth required /lib/security/pam_tally.so deny=2 per_user
no_magic_root even_deny_root_account
account required /lib/security/pam_unix.so
account required /lib/security/pam_tally.so reset no_magic_root
password required /lib/security/pam_cracklib.so retry=3
password sufficient /lib/security/pam_unix.so nullok use_authtok md5
shadow
password required /lib/security/pam_deny.so
session required /lib/security/pam_unix.so
when radius server is unreachable, we display contents of file
radiusfailure "RADIUS servers are unreachable, need local password.".
with telnet this contents is display on client between each
authentication try but not when i use ssh client.
With ssh, i have the following sequence
debug1: Doing password authentication.
pascal at clin5207's password:
Permission denied, please try again.
pascal at clin5207's password:
Permission denied, please try again.
pascal at clin5207's password:
Permission denied.
I have no indication that radius server is not reachable. Is it possible
to fix the problem ?
--
-------------------------
Pascal h.
-------------------------
More information about the openssh-unix-dev
mailing list