Date: Thu, 6 Jan 2011 11:23:46 +1030 From: Indexer <indexer@internode.on.net> To: Bill Moran <wmoran@potentialtech.com> Cc: gahn <ipfreak@yahoo.com>, freebsd general questions <freebsd-questions@freebsd.org> Subject: Re: freebsd and Message-ID: <22B48F74-6976-4DCB-8F3C-CE0D0D425173@internode.on.net> In-Reply-To: <20110105153217.018bd21a.wmoran@potentialtech.com> References: <534524.62805.qm@web130203.mail.mud.yahoo.com> <20110105153217.018bd21a.wmoran@potentialtech.com>
next in thread | previous in thread | raw e-mail | index | archive | help
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 06/01/2011, at 07:02, Bill Moran wrote: >=20 > (don't see why this was on -current) >=20 > In response to gahn <ipfreak@yahoo.com>: >> hi all: >>=20 >> i set up the freeradius 21.100.1 on freebsd 8.1. it uses local = authentication database of /etc/passwd (thanks to the previous = discussions alan did with others). the problem is: it only works with = the condition of the server id running as "root" instead of "freeradius" = due to the one way MD5 hash of /etc/passwd file. >>=20 >> are there any other better ways to implement this? >=20 > a) Put the Radius server in a jail, so it can run as root without all = the > security concerns. > b) Use something other than /etc/passwd authentication >=20 Cant radius use pam? perhaps you should look into that.=20 It may be a pain though, freeradius is largely undocumented, and what = documentation exists is often incomplete, incorrect and full of people = touting "IT JUST WORKS" when 99% of the time, It never works. Once you = figure it out however, its great. I would highly recommend putting your = raddb into a version control system.=20 > --=20 > Bill Moran > http://www.potentialtech.com > http://people.collaborativefusion.com/~wmoran/ > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to = "freebsd-questions-unsubscribe@freebsd.org" William Brown pgp.mit.edu -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.16 (Darwin) iQIcBAEBAgAGBQJNJRKdAAoJEHF16AnLoz6Je6YP/j5sfpXOReiyviyNututzGfA dS+/6MoBfumuzdLAxTZ5gCJ4r7hIWJSbl0vPbt8zDbigcGJKcuT63dfdeAsV/7vu /0KqeC1HbrS5mXB2bVVjUvxgm+LbTlTrS8pIkS3A1jWSvvYgqb5ABXL2gXDARJig pQ5Ehw/mJsgNNmYOrHD1FV5H1/0s0arXSK6rK/sJa7qBIyuLvfuatfK2NOFlPAr5 ST1UqvGrEVP5vA4GGO3+l4m7CBIuzVBuVaLpTpsHUXcdjxoB0bgZrR6se42z7VFo PgClT1bKv/Ht8rD9EO6oRpASAHB89/K1HpNvHbV9KT+veuKcla0xVPilpyt+XMES c4iDxwOBzml+N6QPiGdD9+GhfvZbg2JBgHoGYFXclyDJFceiDVkMgTWN75miB+d4 tMTZbtwkQNoobRmp/BCAlVqRJC3dUQeVqDSAUkuMf6ZU0WQWfh6g8qtGb0IA5mWH u0mRbBacEr4kx3bSeIzCb09DJMkDFmb1/kaQPVqUEYpU+ggW8yLV5sz/vdomdpRB 6hUfcXHnGK/GY4FsMPHaLTWghHdG6cFv8XwM/8ftsrCTtJYl0mD8xzSxqeTBCrua VPHcZ0d4gxe7reylYZfp8NqTAK96JBkRqEoTtYyi6Oiy8kbolY8SHiok98o/uydT nGM30URjS7EC7oSyL4N5 =3DppAO -----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?22B48F74-6976-4DCB-8F3C-CE0D0D425173>