From owner-freebsd-questions@FreeBSD.ORG Fri May 4 14:15:40 2007 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 5420316A400 for ; Fri, 4 May 2007 14:15:40 +0000 (UTC) (envelope-from david.robillard@gmail.com) Received: from wx-out-0506.google.com (wx-out-0506.google.com [66.249.82.234]) by mx1.freebsd.org (Postfix) with ESMTP id 152D813C45D for ; Fri, 4 May 2007 14:15:39 +0000 (UTC) (envelope-from david.robillard@gmail.com) Received: by wx-out-0506.google.com with SMTP id s18so769965wxc for ; Fri, 04 May 2007 07:15:39 -0700 (PDT) DKIM-Signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:cc:mime-version:content-type:content-transfer-encoding:content-disposition; b=N9t68Ga1Ow4JrOz8rvIepSi03scBfTQsw55t5jzKQ4HFmjbbusiQr0pRL3qw9yuxTWFXBeARhqg3eQmPh5Rtuv8CRx6bfBAl0R8HpIZulVYdbs3l7kxxu26WP1rmcjUH5H3RAmjvF7lBL3BVNh3P0a170yqlImOcUsTAFl/SXVA= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:cc:mime-version:content-type:content-transfer-encoding:content-disposition; b=dTF6tN4AypCsh+jSR/l57hPnRNleS4JscpKWvGcjfaSuIoMPF9CiCGbLZKcmAIHA10A6kKKouFDSkapxhxR6bUn7WIUIO7BlzQvuNIEIDP8/Z1Y2D9Y7CRkOleNDoBgmxyUhgui/OeBJN0OmNAhi3yF9ygpTcmRGyH+uxaFgc+U= Received: by 10.90.78.9 with SMTP id a9mr3217368agb.1178288139342; Fri, 04 May 2007 07:15:39 -0700 (PDT) Received: by 10.67.9.4 with HTTP; Fri, 4 May 2007 07:15:39 -0700 (PDT) Message-ID: <226ae0c60705040715v1854d81ag8ab634b85cb22ac9@mail.gmail.com> Date: Fri, 4 May 2007 10:15:39 -0400 From: "David Robillard" To: "FreeBSD Questions" MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline Cc: "Michael K. Smith - Adhost" Subject: Re: RSA SecurID Pam Module Support? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 04 May 2007 14:15:40 -0000 > We have recently purchased an RSA SecurID Appliance and there are no > native libraries for *BSD OS's. I have downloaded and installed the > appropriate files within the Linux Compat environment, but I'm not > having any success making it work. Specifically, the key file in > question is /compat/linux/lib/pam_securid.so. When I add the > appropriate configuration line to /etc/pam.d/sshd and attempt to log in > I get the following: > > May 3 09:43:01 ad-mon01 sshd[30508]: in openpam_load_module(): no > /compat/linux/lib/pam_securid.so found > May 3 09:43:01 ad-mon01 sshd[30508]: fatal: PAM: initialisation failed > > Of course, the file actually does exist. > > -rwxr-xr-x 1 1047 900 895304 May 2 11:13 > /compat/linux/lib/pam_securid.so > > Has anyone had any success getting this .so to work under FreeBSD, > specifically 6.2 Release? Hi Michael, We're also running some RSA SecurID Appliances. Since we need the support from RSA and that FreeBSD is not listed in their supported OS matrix, we decided to use RedHat for the front-end HTTP servers to run their module. All the rest of our business application that requires RSA authentication is running under FreeBSD. IMHO you should only use an RSA supported OS to run their module. Because otherwise you won't receive any help from them if they know you're running this under FreeBSD. Sad, but unfortunately true. Good luck, David -- David Robillard UNIX systems administrator & Oracle DBA CISSP, RHCE & Sun Certified Security Administrator Montreal: +1 514 966 0122