-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 06/01/2011, at 07:02, Bill Moran wrote: > > (don't see why this was on -current) > > In response to gahn <[email protected]>: >> hi all: >> >> i set up the freeradius 21.100.1 on freebsd 8.1. it uses local >> authentication database of /etc/passwd (thanks to the previous discussions >> alan did with others). the problem is: it only works with the condition of >> the server id running as "root" instead of "freeradius" due to the one way >> MD5 hash of /etc/passwd file. >> >> are there any other better ways to implement this? > > a) Put the Radius server in a jail, so it can run as root without all the > security concerns. > b) Use something other than /etc/passwd authentication > Cant radius use pam? perhaps you should look into that. It may be a pain though, freeradius is largely undocumented, and what documentation exists is often incomplete, incorrect and full of people touting "IT JUST WORKS" when 99% of the time, It never works. Once you figure it out however, its great. I would highly recommend putting your raddb into a version control system. > -- > Bill Moran > http://www.potentialtech.com > http://people.collaborativefusion.com/~wmoran/ > _______________________________________________ > [email protected] mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "[email protected]" William Brown pgp.mit.edu -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.16 (Darwin) iQIcBAEBAgAGBQJNJRKdAAoJEHF16AnLoz6Je6YP/j5sfpXOReiyviyNututzGfA dS+/6MoBfumuzdLAxTZ5gCJ4r7hIWJSbl0vPbt8zDbigcGJKcuT63dfdeAsV/7vu /0KqeC1HbrS5mXB2bVVjUvxgm+LbTlTrS8pIkS3A1jWSvvYgqb5ABXL2gXDARJig pQ5Ehw/mJsgNNmYOrHD1FV5H1/0s0arXSK6rK/sJa7qBIyuLvfuatfK2NOFlPAr5 ST1UqvGrEVP5vA4GGO3+l4m7CBIuzVBuVaLpTpsHUXcdjxoB0bgZrR6se42z7VFo PgClT1bKv/Ht8rD9EO6oRpASAHB89/K1HpNvHbV9KT+veuKcla0xVPilpyt+XMES c4iDxwOBzml+N6QPiGdD9+GhfvZbg2JBgHoGYFXclyDJFceiDVkMgTWN75miB+d4 tMTZbtwkQNoobRmp/BCAlVqRJC3dUQeVqDSAUkuMf6ZU0WQWfh6g8qtGb0IA5mWH u0mRbBacEr4kx3bSeIzCb09DJMkDFmb1/kaQPVqUEYpU+ggW8yLV5sz/vdomdpRB 6hUfcXHnGK/GY4FsMPHaLTWghHdG6cFv8XwM/8ftsrCTtJYl0mD8xzSxqeTBCrua VPHcZ0d4gxe7reylYZfp8NqTAK96JBkRqEoTtYyi6Oiy8kbolY8SHiok98o/uydT nGM30URjS7EC7oSyL4N5 =ppAO -----END PGP SIGNATURE----- _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[email protected]"
