NAME
pam_radius
- RADIUS PAM module
SYNOPSIS
[service-name]
module-type
control-flag
pam_radius
[options]
DESCRIPTION
The RADIUS service module for PAM
provides authentication services based
upon the RADIUS (Remote Authentication Dial In User Service) protocol.
The
pam_radius
module accepts these optional parameters:
- use_first_pass
-
causes
pam_radius
to use a previously entered password instead of prompting for a new one.
If no password has been entered then authentication fails.
- try_first_pass
-
causes
pam_radius
to use a previously entered password, if one is available.
If no
password has been entered,
pam_radius
prompts for one as usual.
- echo_pass
-
causes echoing to be left on if
pam_radius
prompts for a password.
- conf=pathname
-
specifies a non-standard location for the RADIUS client configuration file
(normally located in
/etc/radius.conf
).
- nas_id=identifier
-
specifies a NAS identifier to send instead of the hostname.
- template_user=username
-
specifies a user whose
passwd(5)
entry will be used as a template to create the session environment
if the supplied username does not exist in the local password database.
The user
will be authenticated with the supplied username and password, but his
credentials to the system will be presented as the ones for
username,
i.e., his login class, home directory, resource limits, etc. will be set to ones
defined for
username.
If this option is omitted, and there is no username
in the system databases equal to the supplied one (as determined by call to
getpwnam(3)),
the authentication will fail.
- nas_ipaddr[=address]
-
specifies a NAS IP address to be sent.
If option is present, but there is no value provided then IP address
corresponding to the current hostname will be used.
FILES
/etc/radius.conf
-
The standard RADIUS client configuration file for
pam_radius
SEE ALSO
passwd(5),
radius.conf(5),
pam(8)
HISTORY
The
pam_radius
module first appeared in
FreeBSD3.1.
The
pam_radius
manual page first appeared in
FreeBSD3.3.
AUTHORS
The
pam_radius
manual page was written by
Andrzej Bialecki <abial@FreeBSD.org>.
The
pam_radius
module was written by
John D. Polstra <jdp@FreeBSD.org>.