openssh with radius server unreachable

To: openssh-unix-dev@mindrot.org
Subject: openssh with radius server unreachable
From: Pascal Henri <pascal.henri@alcatel.fr>
Date: Thu, 09 Nov 2006 14:30:18 +0100

Hello,

I think I have found a small problem with OpenSSH when a RADIUS server is
unreachable.
I use RADIUS authentication with PAM; my system-auth is the following:

auth        [success=done auth_err=die default=ignore] /lib/security/pam_radius_auth.so try_first_pass debug
auth        [success=ignore auth_err=ignore default=ignore] pam_nologin.so file=/etc/raddb/radiusfailure
auth        required    /lib/security/pam_unix.so likeauth nullok md5 shadow
auth        required    /lib/security/pam_tally.so deny=2 per_user no_magic_root even_deny_root_account
account     required    /lib/security/pam_unix.so
account     required    /lib/security/pam_tally.so reset no_magic_root
password    required    /lib/security/pam_cracklib.so retry=3
password    sufficient  /lib/security/pam_unix.so nullok use_authtok md5 shadow
password    required    /lib/security/pam_deny.so
session     required    /lib/security/pam_unix.so

When the RADIUS server is unreachable, we display the contents of the file
radiusfailure: "RADIUS servers are unreachable, need local password."
With telnet, this content is displayed on the client between each
authentication attempt, but not when I use the ssh client.
With ssh, I have the following sequence:

debug1: Doing password authentication.
pascal@clin5207's password:
Permission denied, please try again.
pascal@clin5207's password:
Permission denied, please try again.
pascal@clin5207's password:
Permission denied.

I have no indication that the RADIUS server is not reachable. Is it possible
to fix the problem?
--
Pascal h.