Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 1 May 2015 15:25:19 -0700
From:      Chris Stankevitz <chrisstankevitz@gmail.com>
To:        freebsd-questions <freebsd-questions@freebsd.org>
Subject:   Re: Using pam_radius in /etc/pam.d/sshd
Message-ID:  <CAPi0psvUKZpO5HwFWEVSO=Td7+RgXVkLPSKFy2fDxXWmNvsFNg@mail.gmail.com>
In-Reply-To: <CAPi0psuR6P9HrE-nK79hvwrAng6=u+5H8N3_XhHDiSu4bMqfWQ@mail.gmail.com>
References:  <CAPi0psuR6P9HrE-nK79hvwrAng6=u+5H8N3_XhHDiSu4bMqfWQ@mail.gmail.com>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help
On Tue, Apr 28, 2015 at 12:05 PM, Chris Stankevitz
<chrisstankevitz@gmail.com> wrote:
> After I supply an incorrect radius password three time, I am not
> afforded an opportunity to supply my pam_unix password.  Why am I not
> afforded this opportunity? (pam.d/sshd below)

Update: problem was the "try_first_pass" option to pam_unix.  This
caused pam_unix to attempt to use pam_radius's password.  Figured out
what was happening by enabling the debug log.

Chris



Want to link to this message? Use this URL: <http://docs.FreeBSD.org/cgi/mid.cgi?CAPi0psvUKZpO5HwFWEVSO=Td7+RgXVkLPSKFy2fDxXWmNvsFNg>