Install the PAM RADIUS authentication module
$ sudo aptitude install libpam-radius-auth
Setup RADIUS server infomation
$ vi /etc/pam_radius_auth.conf
#server[:port] shared_secret timeout
Server_IP SHARED_SECRET 3
Setup PAM
$ vi /etc/pam.d/common-auth
##### RADIUS ######
auth sufficient pam_radius_auth.so debug
account required pam_radius_auth.so
session required pam_radius_auth.so
##### Origin #####
auth [success=1 default=ignore] pam_unix.so nullok_secure
auth requisite pam_deny.so
auth required pam_permit.so
##### automatic home directory creation for RADIUS user login #####
session required pam_mkhomedir.so skel=/etc/skel/ umask=0022 silent
Create user without password for RADIUS authentication, and assign to admin for sudo
$ sudo useradd RADIUS_user -G admin
沒有留言:
張貼留言