Re: SSHD and PAM

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



Sudarshan Soma wrote:
> Does sssd/NSS has  a way to fetch user names from sources like 
> RADIUS/TACACS  server?
My impression is that while this might be theoretically possible, nobody
does this. Especially it's not clear to me how you would push group
membership to the system. And AFAICS in case of TACACS+ there's also
only a single "role" available (translate this to single group).

So the usual answer is: Use LDAP.

> We wanted to enable RADIUS/TACACS Authentication using PAM and enabling PAM
> in sshd.

You could implement password authc for sshd (to be on-topic here) via
pam_radius and let LDAP serve the NSS part. Not sure whether it's worth
the effort though.

Ciao, Michael.

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux