1. Download and compile latest OpenSSH w/ PAM on your host.
2. Start the radius daemon on your SecurID server.
3. Compile radius auth pam library on your host from the source code found in
freeradius website
4. Choose a radius key for the host and place it in /etc/raddb/server page with
the IP of the SecurID server
5. Add the host using ACE Client and place the same radius key there
6. Set UsePAM to yes on your host's sshd_config file. Privilege Separation
should work just fine
7. Send a HUP--no need to kill and restart--to your parent ssd process
if you already have the pam enabled sshd running. Otherwise start the
just compiled one. If you do not want to kill your existing sshd yet
just do make (and make install yet) and run the newly compiled sshd on a
different (not port 22) port.
Now you can ssh (on that non-default port may be) to your host using securid.
It is using the radius port
on the securid server to authenticate against the securid database.
Thanks
On Thu, Jan 19, 2006 at 10:17:34AM, Steve Calderoni wrote:
Hello all,
I have openssh installed and am having a small problem that I hoping
someone will be able to help with.
When I log into my openssh server I then try to ssh to a server from there
that uses SecureID. The session connects then the banner text appears and
from there it should display the PASSCODE: prompt but never makes it.
Directly from the server I can log in just fine. It just does not work from
within a session.
If anyone has any ideas that may help I would appriciate it!
Thanks,
Steve
_________________________________________________________________
Don?t just search. Find. Check out the new MSN Search!
http://search.msn.click-url.com/go/onm00200636ave/direct/01/
--
Asif Iqbal
PGP Key: 0xE62693C5 KeyServer: pgp.mit.edu
"..there are two kinds of people: those who work and those who take the
credit...try
to be in the first group;...less competition there." - Indira Gandhi
