> I have Radius set up now on one of my terminal servers and everything is
> working fine and dandy for PPP logins. However, we also offer dial-up
> shell accounts and I want to set up the Radius server so that it will
> recognize that the login is a shell login and will directly login into
> the shell host after entering the password.
Hmmm... I should have waited another 10 minutes before mailing this,
because I figured it out... by accident of course. On the terminal
server, I had the ports set to security on. I was running through
another test and had forgotten to set the port to security on. But
to my surprise, the PPP login through Radius authentication worked.
I then tried logging in using a shell login, and again to my surprise
it worked just fine.
Anyway, I also noticed that the PPP login name and shell account
login can use the same username (it's so difficult explaining to the
users that a "PPP login name" is not the same as a "shell account
login name"). I can also set the Radius PPP authentication password
to UNIX so that the passwords will be the same. The question is, is
this a good idea? If a user changes their shell password through
their shell account, or through a PPP mail program (such as Eudora),
then their PPP password changes too and they'll have to reconfigure
their PPP dialer. Is it better to keep it a separate password?