Login or Register to Ask a Question and Join Our Community


Red Hat

RADIUS server for SSH authorization

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Operating Systems Linux Red Hat RADIUS server for SSH authorization
# 1  
Old 05-03-2011
RADIUS server for SSH authorization
Good day to anyone. I need your help.
I want to create a centralization server for authorization my users via SSH connections. My manager suggested me a RADIUS + PAM, but frankly speaking I read a lot information about these and understood one thing - RADIUS could work only with password authorization. It means I should create users without password on every RHEL system. I tested for myself freeradius and I think this soft can't create and keep users accounts with right permissions (gid, uid, group) - ONLY password authorization. Am I right ? I really read a lot documents in the Internet and all manual include next step "... you must create a user on client server for login ..."

What I need. I want to have clear server which will be setted on authorization server. Withous any users and groups. Clear. I'll connect from my PC via SSH to some server and last one should request information about my account from authorization server. Then it should load my defauld profile, permissions and "clear system" which hasn't any users and group shoud understand my rights (gid, uid, group).

Is it possible ? I think try LDAP+PAM+SSH. Any ideas ?
Thanks and sorry for my bad english.
Login or Register to Ask a Question

Previous Thread | Next Thread

5 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

Radius authorization on Linux clients

Hello folks, I was guessing if there is a way for configuring Radius authorization on Linux clients. My meaning is to make Radius server manage the authorization/permissions when executing any commnand on my linux servers. Then, there's any way to configure this with Radius? can I also... (1 Reply)
Discussion started by: carpannav
1 Replies

2. Shell Programming and Scripting

Connect (SSH) to Windows server via Linux server through a script and passing command.. but failing

I am trying to connect to Windows server via Linux server through a script and run two commands " cd and ls " But its giving me error saying " could not start the program" followed by the command name i specify e g : "cd" i am trying in this manner " ssh username@servername "cd... (5 Replies)
Discussion started by: sunil seelam
5 Replies

3. Shell Programming and Scripting

Using ssh to add register key on ssh server

Hi, I want to use ssh to add a register key on remote ssh server. Since there are space characters in my register key string, it always failed. If there is no space characters in the string, it worked fine. The following is what I have tried. It seems that "ssh" command doesn't care about double... (9 Replies)
Discussion started by: leaftree
9 Replies

4. IP Networking

Authentication WAP with RADIUS Server

Network Configuration Figure http://geocities.com/fy_heng/test1.JPG Dear all, I currently performing an testing using the above network configuration (Please click on the above link). On how actually the RADIUS server can authenticate the user who connect to the WAP (wireless access point)... (0 Replies)
Discussion started by: Paris Heng
0 Replies

5. Cybersecurity

What's the difference between an SSH Client and an SSH Server?

Eh... yeah. What the title says. :D (1 Reply)
Discussion started by: PSC
1 Replies
Login or Register to Ask a Question

LEARN ABOUT SUSE

radius

RADIUS(8)						    InterNetNews Documentation							 RADIUS(8)

NAME

       radius - nnrpd RADIUS password authenticator

SYNOPSIS

       radius [-h] [-f config]

DESCRIPTION

       radius is an nnrpd authenticator, accepting a username and password from nnrpd (given to nnrpd by a reader connection) and attempting to
       authenticate that username and password against a RADIUS server.  See readers.conf(5) for more information on how to configure an nnrpd
       authenticator.  It is useful for a site that already does user authentication via RADIUS and wants to authenticate news reading connections
       as well.

       By default, radius reads pathetc/radius.conf for configuration information, but a different configuration file can be specified with -f.
       See radius.conf(5) for a description of the configuration file.

OPTIONS

       -f config
	   Read config instead of pathetc/radius.conf for configuration information.

       -h  Print out a usage message and exit.

EXAMPLE

       The following readers.conf(5) fragment tells nnrpd to authenticate all connections using this authenticator:

	   auth radius {
	       auth: radius
	       default: <FAIL>
	       default-domain: example.com
	   }

       "@example.com" will be appended to the user-supplied identity, and if RADIUS authentication failes, the user will be assigned an identity
       of "<FAIL>@example.com".

BUGS

       It has been reported that this authenticator doesn't work with Ascend RADIUS servers, but does work with Cistron RADIUS servers.  It's also
       believed to work with Livingston's RADIUS server.  Contributions to make it work better with different types of RADIUS servers would be
       gratefully accepted.

       This code has not been audited against the RADIUS protocol and may not implement it correctly.

HISTORY

       The RADIUS authenticator was originally written by Aidan Cully.	This documentation was written by Russ Allbery <rra@stanford.edu>.

       $Id: radius.pod 7664 2007-09-02 12:58:07Z iulius $

SEE ALSO

       nnrpd(8), radius.conf(5), readers.conf(5)

       RFC 2865, Remote Authentication Dial In User Service.

INN 2.5.2							    2009-05-21								 RADIUS(8)