*BSD News Article 97614


Return to BSD News archive

Path: euryale.cc.adfa.oz.au!newshost.carno.net.au!harbinger.cc.monash.edu.au!news.mira.net.au!news.netspace.net.au!news.mel.connect.com.au!munnari.OZ.AU!news.ecn.uoknor.edu!feed1.news.erols.com!howland.erols.net!news-peer.sprintlink.net!news-pull.sprintlink.net!news-in-east.sprintlink.net!news.sprintlink.net!Sprint!204.94.112.34!news.aloha.net!the.satanic.org!eric
From: eric@satanic.org (Eric Sorenson)
Newsgroups: comp.unix.bsd.bsdi.misc
Subject: Re: BSDI 3.0/Radius Question
Date: 12 Jun 1997 17:20:11 GMT
Organization: the Landing Fields
Lines: 49
Message-ID: <5npb4b$deq@nuhou.aloha.net>
References: <5nnvkf$f6v@host1.dia.net>
NNTP-Posting-Host: the.satanic.org
Cc: mschaff@host1.dia.net
X-Newsreader: TIN [version 1.2 PL2]
Xref: euryale.cc.adfa.oz.au comp.unix.bsd.bsdi.misc:6997

[ snippage throughout ]
Mitchell Schaff wrote:

] The USR product does not allow the same menuing function-
] ality that the routers provide, but we can address that issue internally.

Radius will allow you to make menus, check out 
http://www.livingston.com/Tech/Docs/RADIUS/guide/5menu.shtml

and see if that's in line with what you're currently doing.

] Regardless of whether the user telnets, ftps, sends a mail via a pop mail
] client, or starts a ppp session, the password is always verified against
] the original /etc/master.passwd file.  

Radius will do this too, you just set your user's password to the
"System" key and it will use their password on the radius server. 

] configure them appropriately.  Now, what I'm trying to find out is (1) how
] to configure my login.conf file so that if user tacuser signs in, he'll be
] verified via the tacacs software (ultimately using the /etc/passwd file),
] but if user raduser signs in, he'll be validated by radius.  Initially, this

Like I said, it's not necessarily either-or.  I've not used
tacas before, so I don't know if this is how you have it setup,
but radius supports prefixes and stuffixes to login names, so 
if the user's login is 'eric', entering 'ppperic' at the radius
prompt will start a ppp session, 'shelleric' a shell session, etc etc.

] rlogin, pop3, etc...) that the rpasswd file needs to be used, rather than the
] passwd file.  The two unix administrator guides which I have looked through
] have no mention of radius, and don't discuss the login.conf file.

The Radius administrator's guide is at
http://www.livingston.com/Tech/Docs/RADIUS/guide/index.shtml

this may help you learn more about what you'll be able to do with
the USR rack..

] Mitchell Schaff
] mschaff@host1.dia.net
] Dakota Internet Access

Hope this helps.

--
Eric Sorenson  -  root at satanic dot org  -  http://satanic.org
   Spamford got what he deserved.  Is your system vulnerable?
                Send me UCE and find out...