Child pages
  • OpenAM Pluggable Authentication Module(PAM) integration with UNIX
Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Current »

-       Pre-requisites

Steps -

  1. Check if the PAM Radius client library (pam_radius_auth.so) in installed in “/usr/lib/security/” folder.
  2. Otherwise compile the library by following instructions at http://freeradius.org/pam_radius_auth/
  3. To enable PAM based authentication for SSH, add the pam auth radius library to pam.conf file.
    In My Linux environment it look like following -
  4. Create server configuration file.  An example is given in the file pam_radius_auth.conf.  You will need to copy this file to /etc/raddb as "server".
    In My environment it appears as follows -
  5. Ensure that following flags are enabled in UNIX login configuration file -

    ChallengeResponseAuthentication yes

    UsePAM yes

  6. Define a Radius Client in OpenAM with same shared secret defined in /etc/raddb/server file.

  7. Now the setup is completed and when you login to UNIX host PAM module will perform the authentication against OpenAM radius server.

 

  • No labels