How to auth ssh users by radius in debian
Veröffentlicht am Mittwoch, 27 März 2013 10:54 | Geschrieben von Super User | 
| Zugriffe: 2148
| Zugriffe: 2148
install libpam-radius-auth
|
1
|
apt-get install libpam-radius-auth |
open /etc/pam_radius_auth.conf
|
1
|
nano /etc/pam_radius_auth.conf |
and add the following lines into it. Your_IP and PORT are the IP address and Port of Radius sever. SecretKey is the Secret of radius server. 3 is the timeout in seconds.
|
1
2
|
# server[:port] shared_secret timeout (s)YOUR_IP:PORT SecretKey 3 |
Change the permissions :
|
1
2
|
chown root /etc/pam_radius_auth.confchmod go-rwx /etc/pam_radius_auth.conf |
open /etc/pam.d/common-auth :
|
1
|
nano /etc/pam.d/common-auth |
and add the following lines :
|
1
|
auth sufficient pam_radius_auth.so |
open /etc/pam.d/sshd :
|
1
|
nano /etc/pam.d/sshd |
and add the following lines :
|
1
|
auth required /etc/security/pam_radius_auth.so debug |
and exclude the following lines :
|
1
|
@include common-auth |
Category: