Re: Radius Question

William Bulley (web@merit.edu)
Sat, 4 Nov 1995 11:43:06 -0500 (EST)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Livingston Portmaster: "Re: Radius Question"
Previous message: Somebody: "Re: Radius Question"
In reply to: Somebody: "Re: Radius Question"
Next in thread: Livingston Portmaster: "Re: Radius Question"

According to owner-portmaster-users@livingston.com:
>
> What if you add an entry in the users file before the DEFAULT entry for
> djoe with some bogus password. Doesn't the radius code search the users
> files sequentially for the first match. This way djoe wouldn't be able
> to connect because he wouldn't have to correct password. Maybe entries
> for root and such should also be added to the users files if you use the
> DEFAULT mechanism.

The Merit RADIUS version has since its inception prohibited the user
with UID == 0 (i.e., root) from authenticating using the /etc/passwd
file.

> It would be nice if there was a keyword for the users password that
> meant that there was no access.

The Merit RADIUS version has defined a Prohibit check-item (attribute
value 1028) for some time (twelve months?) for just this purpose.

Regards,

web...

-- 
William Bulley, N8NXN              Senior Systems Research Programmer
Merit Network Inc.                 Domain: web@merit.edu
4251 Plymouth Road                 MaBell: (313) 764-9993
Ann Arbor, Michigan  48105-2785    Fax:    (313) 747-3185

Next message: Livingston Portmaster: "Re: Radius Question"
Previous message: Somebody: "Re: Radius Question"
In reply to: Somebody: "Re: Radius Question"
Next in thread: Livingston Portmaster: "Re: Radius Question"