On Dec 11, 2007 10:32 AM, Dan Gahlinger <dgahling@xxxxxxxxxxx> wrote: > > I've googled as much as I can, read what I can find, > even read snippets of Oreilly books that have some information covering PAM, > > but so far, I have yet to find any really good documentation on where a > sysadmin can start understanding PAM. > > The basics are all there, but I can't find anything on adding or changing > authentication methods. > > Like say you want to add Radius authentication to the system, so local users > can login via radius. > just as an example. > > there is no documentation on how to do this, and radius docs don't help > much. > > there are some examples from an old version of RedHat about changing the > /etc/pam.conf but that is obsolete. > > None of the examples work, putting the appropriate configurations in > /etc/pam.d/login or sshd etc > > either does nothing, or locks me out. > > the examples seem to be in a different format than pam now accepts. > > are there any really good resources, or why hasn't there been a PAM book by > OReilly I can't say if they are good or not, but we're written a bunch of how-tos that use pam_radius et al to add two-factor authentication to various linux services, such as ssh, apache, webmail, webdav, etc: http://www.wikidsystems.com/documentation/howtos/how-to-secure-ssh-with-wikid-two-factor-authentication/ http://www.wikidsystems.com/documentation/howtos/pamradius/ While we haven't done login, these should translate. It sounds like your /etc/login is not configured correctly, which can be very os specific. What seems to help me is to run a 'tail -f /var/log/secure' while logging in to see what problems are occurring. hth, nick -- -- Nick Owen WiKID Systems, Inc. 404.962.8983 http://www.wikidsystems.com Commercial/Open Source Two-Factor Authentication _______________________________________________ Pam-list mailing list Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list
