On Aug 30, Stephen Fisher wrote
:
: On Sat, 30 Aug 1997, Fraser Campbell wrote:
:
: > I was reading a FAQ on shadow passwords and it recommends that shadow
: > passwords not be used on your UNIX machine if it is used by terminal
: > servers to verify users (via NFS, NIS, etc).
:
: Never heard such advice.
:
: > Does this apply to radius also? If not, and I do upgrade to shadow, do
: > I have to make any changes to our RADIUS server for it to work?
:
: I would use shadow anyway, and Radius should support it fine or with small
: changes.
But beware -- I just discovered that (at least on my linux system
(Debian GNU/Linux, using libc5) there are minor glitches, misfeatures or
whatever. If it hits you depends on your system and on your radiusd.
The radiusd I use (the one from cistron) is started
once and runs ``forever'' (unless I change the /etc/raddb/* files).
And it seems as if the shadow passwords are cached somewhere (libc?, not
(!) by the radiusd). Once the radiusd runs I can change user passwords
and the daemon doesn't get it.
Heiko
-- email : heiko@lotte.sax.de heiko@debian.org heiko@sax.de pgp : A1 7D F6 7B 69 73 48 35 E1 DE 21 A7 A8 9A 77 92 finger: heiko@sax.sax.de heiko@master.debian.org--952CO+2tg14KIzF6 Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE----- Version: 2.6.3ia
iQCVAwUBNAiNs9BsuuHx3GhhAQHfNAP/VVPLzME/ehfoEFtFe6VZYHG+wOlO2toU 90fyRefcwHkrZmJRkaTofGucKje8iW9V9NqfpNx7V47PCze96t67U5aNHkQY7Dbd 01evZFZpPdgtS9pSASM9OuLSkPSlOQlskNFIfc0NMJMWyXVExRVfagR+FrEziKt2 loemwry60ds= =/vhB -----END PGP SIGNATURE-----
--952CO+2tg14KIzF6--