> Howdy,
> Does anyone currently (successfully) run a bsdi box as a primary
> radius server and linux as a secondary server, with automatic passwd
> updating every x hours??
> I gather linux will require shadowed passwd capable kernel.
> Got any info on this topic?
> btw which distribution of linux integrates well with bsd?
What we did for this was to modify our version of the radiusd to take
a command line arguement, that if it existed, look there for the shadow
file rather then in /etc/shadow. This is run on the secondary servers.
Then we use ssh to securely copy them from the master to the secondaries.
We could have done this via NIS+ or NYS but at the time I didn't trust the
code stability. Rather all of our user services are authenticated via
Radius. Every 5 minutes the file is copied over. Using this approach,
the main distribution doesn't need to know about shadow, all you need is
to compile the radius daemon with shadow support. This level of
`intergration' doesn't really have any drawbacks, if you have no experience
with Linux, I'd recommend Debian or Redhat, if you have previous experience,
choose the Distribution you are comfortable with.
--- |Douglas ``Wildcat'' Warren |Email: dwarren@netusa.net| Jura gur tbireazrag |Network/Security Consultant|Phone: (516) 543-0234 | bhgynjf Pelcgbtencul, |President of SBCS a chapter| Fax: (516) 543-0274 | bayl pevzvanyf jvyy |of the ACM. | PGP: finger dwarren | unir cevinpl