Authenticate Radius user using pam and ssh

Question

I am able to authenticate radius users using radius server+pam+ssh with creating local user with blank password in linux.

Is it possible to authenticate radius users without creating users in local machine with blank password?

/etc/pam.d/ssh file as below

#%PAM-1.0
auth    sufficient      pam_radius_auth.so debug
auth    sufficient      pam_unix.so use_first_pass
auth    required        pam_auth_status.so                
account sufficient      pam_unix.so 
account required        pam_auth_status.so    
session required        pam_unix.so

score 1 · Answer 1 · answered Jan 16 '14 at 08:33

1

The radius protocol is only designed for authentication and doesn't provide the POSIX account attributes needed for users to be able to use your systems, e.g. UID and GID numbers, a default shell, and home directory.

answered Jan 16 '14 at 08:33

HBruijn

84,206
24
145
224

Authenticate Radius user using pam and ssh

1 Answers1