RADIUS-only login using PAM/Linux seems to require entry in /etc/passwd

I have a Linux box that I want to use RADIUS as the ONLY authentication
method.  I.e., I do not want to allow std unix login.  I am using a
pam-enabled telnetd started from inetd on Debian Linux with the
pam_radius module.

The pam radius module gets called, I pass it the credentials, and it
authenticates me.  However, I never get a shell; rather, the connection
is closed by telnetd.

I have traced this to where the login program starts the shell (not
using gdb, mind you, some of this is speculation):

   shell (pwent.pw_shell, (char *) 0); /* exec the shell finally. */

Problem is, I DO NOT have a /etc/passwd entry for my RADIUS user.  That
is, I login as "foo"--RADIUS has an entry for "foo", but /etc/passwd
does not.

As soon as I add an entry in /etc/passwd for "foo" with whatever
password I want, it all works fine.

Is it a requirement to have all your RADIUS user IDs in /etc/passwd or
is there a slick way to avoid this?  Is there a way to specify a default
shell if one is not found?

thanks/jc
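
The symptom in the post, as an added example that is not part of the original message: pam_radius answers only the authentication question, while the uid, home directory and shell that login passes to `shell(pwent.pw_shell, ...)` normally come from a separate getpwnam-style account lookup. This diagnostic assumes a glibc-style `getpwnam_r`; `lookup_account` and `struct acct` are names made up for the example.

```c
#include <errno.h>
#include <pwd.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>

struct acct {            /* the fields a login program needs to start a session */
    uid_t uid;
    gid_t gid;
    char  home[256];
    char  shell[256];
};

/* Returns 1 if the account resolves, 0 if there is no entry, -1 on lookup error. */
int lookup_account(const char *name, struct acct *out)
{
    struct passwd pw, *res = NULL;
    char buf[16384];
    int rc = getpwnam_r(name, &pw, buf, sizeof buf, &res);
    if (res == NULL) {
        /* "not found" is reported as rc == 0 or as one of these error codes */
        if (rc == 0 || rc == ENOENT || rc == ESRCH || rc == EBADF || rc == EPERM)
            return 0;
        return -1;
    }
    out->uid = pw.pw_uid;
    out->gid = pw.pw_gid;
    snprintf(out->home, sizeof out->home, "%s", pw.pw_dir);
    /* passwd(5): an empty shell field means /bin/sh */
    snprintf(out->shell, sizeof out->shell, "%s",
             pw.pw_shell[0] ? pw.pw_shell : "/bin/sh");
    return 1;
}

int main(int argc, char **argv)
{
    const char *user = argc > 1 ? argv[1] : "foo";  /* "foo" as in the post */
    struct acct a;
    int rc = lookup_account(user, &a);
    if (rc == 1)
        printf("%s: uid=%u gid=%u home=%s shell=%s\n", user,
               (unsigned)a.uid, (unsigned)a.gid, a.home, a.shell);
    else if (rc == 0)
        printf("%s: authenticated or not, there is no uid or shell to use\n", user);
    else
        printf("%s: account lookup failed\n", user);
    return rc == 1 ? 0 : 1;
}
```

Running it with the RADIUS user name before and after adding the /etc/passwd entry shows the lookup result changing while the RADIUS side stays the same.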