Login or Register to Ask a Question and Join Our Community


Red Hat

RADIUS server for SSH authorization

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Operating Systems Linux Red Hat RADIUS server for SSH authorization
# 1  
Old 05-03-2011
RADIUS server for SSH authorization
Good day to anyone. I need your help.
I want to create a centralization server for authorization my users via SSH connections. My manager suggested me a RADIUS + PAM, but frankly speaking I read a lot information about these and understood one thing - RADIUS could work only with password authorization. It means I should create users without password on every RHEL system. I tested for myself freeradius and I think this soft can't create and keep users accounts with right permissions (gid, uid, group) - ONLY password authorization. Am I right ? I really read a lot documents in the Internet and all manual include next step "... you must create a user on client server for login ..."

What I need. I want to have clear server which will be setted on authorization server. Withous any users and groups. Clear. I'll connect from my PC via SSH to some server and last one should request information about my account from authorization server. Then it should load my defauld profile, permissions and "clear system" which hasn't any users and group shoud understand my rights (gid, uid, group).

Is it possible ? I think try LDAP+PAM+SSH. Any ideas ?
Thanks and sorry for my bad english.
Login or Register to Ask a Question

Previous Thread | Next Thread

5 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

Radius authorization on Linux clients

Hello folks, I was guessing if there is a way for configuring Radius authorization on Linux clients. My meaning is to make Radius server manage the authorization/permissions when executing any commnand on my linux servers. Then, there's any way to configure this with Radius? can I also... (1 Reply)
Discussion started by: carpannav
1 Replies

2. Shell Programming and Scripting

Connect (SSH) to Windows server via Linux server through a script and passing command.. but failing

I am trying to connect to Windows server via Linux server through a script and run two commands " cd and ls " But its giving me error saying " could not start the program" followed by the command name i specify e g : "cd" i am trying in this manner " ssh username@servername "cd... (5 Replies)
Discussion started by: sunil seelam
5 Replies

3. Shell Programming and Scripting

Using ssh to add register key on ssh server

Hi, I want to use ssh to add a register key on remote ssh server. Since there are space characters in my register key string, it always failed. If there is no space characters in the string, it worked fine. The following is what I have tried. It seems that "ssh" command doesn't care about double... (9 Replies)
Discussion started by: leaftree
9 Replies

4. IP Networking

Authentication WAP with RADIUS Server

Network Configuration Figure http://geocities.com/fy_heng/test1.JPG Dear all, I currently performing an testing using the above network configuration (Please click on the above link). On how actually the RADIUS server can authenticate the user who connect to the WAP (wireless access point)... (0 Replies)
Discussion started by: Paris Heng
0 Replies

5. Cybersecurity

What's the difference between an SSH Client and an SSH Server?

Eh... yeah. What the title says. :D (1 Reply)
Discussion started by: PSC
1 Replies
Login or Register to Ask a Question

LEARN ABOUT DEBIAN

squid3_radius_auth

squid_radius_auth(8)					      System Manager's Manual					      squid_radius_auth(8)

NAME

       squid_radius_auth - Squid RADIUS authentication helper

SYNOPSIS

       squid_radius_auth -f configfile
       squid_radius_auth -h "server" [-p port] [-i identifier] -w secret

DESCRIPTION

       This helper allows Squid to connect to a RADIUS server to validate the user name and password of Basic HTTP authentication.

       -f configfile
	      Specifies the path to a configuration file. See the CONFIGURATION section for details.

       -h server
	      Alternative method of specifying the server to connect to

       -p port
	      Specify  another	server	port where the RADIUS server listens for requests if different from the default RADIUS port.  Normally not
	      specified.

       -i identifier
	      Unique identifier identifying this Squid proxy to the RADIUS server.  If not specified the IP address is used  as  to  identify  the
	      proxy.

       -w secret
	      Alternative method of specifying the shared secret. Using the configuration file is generally more secure and recommended.

       -t timeout
	      RADIUS request timeout. Default 10 seconds.

CONFIGURATION

       The configuration specifies how the helper connects to RADIUS.  The file contains a list of directives (one per line). Lines beginning with
       a # is ignored.

       server radiusserver
	      specifies the name or address of the RADIUS server to connect to.

       secret somesecretstring
	      specifies the shared RADIUS secret.

       identifier nameofserver
	      specifies what the proxy should identify itsels as to the RADIUS server.	This directive is optional.

       port portnumber
	      Specifies the port number or service name where the helper should connect.

AUTHOR

       This manual page was written by Henrik Nordstrom <hno@squid-cache.org>

       squid_radius_auth is written by Marc van Selm <selm@cistron.nl> with contributions from Henrik  Nordstrom  <hno@squid-cache.org>  and  many
       others

QUESTIONS

       Any  questions on usage can be sent to Squid Users <squid-users@squid-cache.org>, or to your favorite RADIUS list/friend if the question is
       more related to RADIUS than Squid.

REPORTING BUGS

       Report bugs or bug-fixes to Squid Bugs <squid-bugs@squid-cache.org> or ideas for new improvements  to  Squid  Developers  <squid-dev@squid-
       cache.org>

SEE ALSO

       RFC2058 - Remote Authentication Dial In User Service (RADIUS)

Squid RADIUS Auth						   7 August 2004					      squid_radius_auth(8)