Important Notice: Our web hosting provider recently started charging us for additional visits, which was unexpected. In response, we're seeking donations. Depending on the situation, we may explore different monetization options for our Community and Expert Contributors. It's crucial to provide more returns for their expertise and offer more Expert Validated Answers or AI Validated Answers. Learn more about our hosting issue here.

How do I use PAM with Cistron RADIUS?

April 26, 2017cistron pam radius

0

Posted

How do I use PAM with Cistron RADIUS?

1 Answer

0

Posted

You’ll need the redhat/radiusd.pam file from the distribution. It should go into a new file, /etc/pam.d/radius. If you have 100’s to 1000’s of users in /etc/passwd, you’ll want to replace the pam_pwdb.so entries with pam_unix_auth.so, pam_unix_acct.so etc. The pam_pwdb module is INCREDIBLY SLOW for authenticating users from a large /etc/passwd file. Bruno Lopes F. Cabral bruno at openline dot com dot br also says: Now I can emulate group behaviour using just PAM and some tricks, like #—– auth required /lib/security/pam_userdb.so \ crypt db=/etc/raddb/data/users auth required /lib/security/pam_listfile.so \ item=user sense=allow \ file=/etc/raddb/data/somehunt.allow onerr=fail auth required /lib/security/pam_nologin.so account required /lib/security/pam_userdb.so #—– and DEFAULT Huntgroup-Name=”somehunt”, \ Auth-Type=PAM, \ Pam-Auth=”radhunt”, \ Simultaneous-Use=1 Fall-Through = Yes this way I have NO users on /etc/password and NO need for lots of lines on /etc/raddb/users.