> > I don't know if it's Livingston-recommended, but what we do is
> > periodically rdist the users and passwd files from the primary to the
> > secondary.
>
> And what stops them from then logging into the secondary radius server?
The password file is run through a script that sets shells on all UIDs
above 1000 to /bin/false. Privileged users are given lower UIDs that are
not over-written.
-- Jay Hennigan jay@west.net --
WestNet: Internet service to Santa Barbara, Ventura and the world.
805-892-2133 805-289-1000 805-578-2121
-
To unsubscribe, email 'majordomo@livingston.com' with
'unsubscribe portmaster-users' in the body of the message.