Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Secure-Shell
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Tacacs and OpenSSH

from [Gary Schlachter] Network Security [Permanent Link]
Subject: Tacacs and OpenSSH
Date: Thu, 27 Jul 2006 09:25:58 -0400
I know this question has been asked several times over the years but I have not seen a definitive answer/solution if one exists. If one does not exist or I need to develop one, then I can stop looking! I am attempting to integrate a Tacacs+ PAM with OpenSSH. I would like to have the PAM authenticate the User ID as well as the password. Thus the users do not exist in /etc/passwd. I am not using NIS or any other system for user ids. The Tacacs server is the only place the user ids exist. Ultimately when the user authenticates via Tacacs, I will switch the user to a known user in /etc/passwd and provide the logging in user with a specific TTY interface via the shell. When attempting this on linux with OpenSSH 4.3p2 compiled with with_pam and seemingly the correct sshd_config options, I received the infamous "Invalid user" debug messages. Is this possible with the current OpenSSH and/or some patch for it?

Thanks in advance,
Gary

[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  buffer_get: trying to get more bytes 4, Anne Hammond
Next by Date:  Re: Tacacs and OpenSSH, Asif Iqbal
Previous by Thread:  buffer_get: trying to get more bytes 4, Anne Hammond
Next by Thread:  Re: Tacacs and OpenSSH, Asif Iqbal
Indexes:  [Date] [Thread] [Top] [All Lists]