> I'm curious, and (based upon experience of two months..) my utmp/wtmp
> records on our radius host shows 'root' logins INTO the host from our
> PM2E, yet for that corresponding period, there is no matching radius
> accounting records!
None just for "root" or for anybody at all? What about syslog? Is it
from the PM-2e itself or from a PPP session connected via the PM-2e?
Off-topic non-PM related, but why do you even allow "root" logins to your
Unix box? You should mark remote terminals as insecure and use su only
after the user is authenticated as a regular user.
> The logins are at a time when we are not usually around. The logins on the
> host are found by the 'last command', and the radius accounting logs are
> also on the same host in a different directory.
>
> We use system authentication on our RADIUS server, which I have found also
> lets me get into the network when dialing into the PM2E and giving the
> 'root' password of the radius host. Is there anyway to PREVENT a user
> being authenticated by radius but remaining authenticated by the system
> security - in essence similiar to /etc/ftpuser block list?
>
Use Auth-Type = Reject for the user in /etc/raddb/users.
-jr
----
Josh Richards - <jrichard@livingston.com> - <josh@lucent.com>
[Beta Engineer] - LUCENT Technologies - Remote Access Business Unit
<URL:http://www.livingston.com/> * <URL:http://www.lucent.com/dns/>
-
To unsubscribe, email 'majordomo@livingston.com' with
'unsubscribe portmaster-users' in the body of the message.
Searchable list archive: <URL:http://www.livingston.com/Tech/archive/>