[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Help-gnu-radius] RSA SecurID Problem
|
From: |
Roger E McClurg |
|
Subject: |
[Help-gnu-radius] RSA SecurID Problem |
|
Date: |
Thu, 18 Nov 2004 10:42:55 -0500 |
Hi all,
I have GNU Radius v1.1 running on Solaris 2.8 and using pam for
authentication. The pam authentication module is provided by RSA for use
in authenticating SecurID tokens. Under normal circumstances the
authentication works just fine. However, if the token gets into new pin
mode or next token mode, user authentication fails.
I contacted RSA about the problem. RSA provides a program (acetest) which
tests out the pam modules. Acetest is able to sucessfully authenticate
users in new pin and next token modes. Since their program works
sucessfully, RSA say it's Radius' problem, and will not help.
My config information is below. Can anyone tell if I have done something
wrong, or is the problem in Radius. If Radius is the problem, can it be
fixed?
DEFAULT Auth-Type = Pam
Service-Type = Framed-User,
Framed-Routing = None,
Framed-Protocol = PPP,
Framed-IP-Netmask = 255.255.255.248,
Framed-Routing = None,
Ascend-Assign-IP-Pool = 1,
Ascend-Idle-Limit = 1200
# PAM configuration
#
# Radius modules - gfl
# auth and account management use the pam_securid.so module.
# password and session management use the pam_sample.so.1 module.
# -- pam_sample for password and session are no-op and return
PAM_SUCCESS
radius auth required /usr/lib/security/$ISA/pam_securid.so
debug
radius account required /usr/lib/security/$ISA/pam_securid.so
debug
radius password required /usr/lib/security/$ISA/pam_sample.so.1
radius session required /usr/lib/security/$ISA/pam_sample.so.1
Best Regards,
Roger McClurg
address@hidden
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [Help-gnu-radius] RSA SecurID Problem,
Roger E McClurg <=