| Yubico Forum https://forum.yubico.com/ |
|
| Yubikey PAM + Freeradius + Mysql https://forum.yubico.com/viewtopic.php?f=8&t=323 |
Page 1 of 1 |
| Author: | rvetter [ Fri May 01, 2009 8:52 pm ] |
| Post subject: | Yubikey PAM + Freeradius + Mysql |
I am currently using freeradius server with user accounts stored in a mysql database. I was looking to implement the yubikeys with my freeradius server in a password+yubikey setup. I was held up because I didn't want to store my users as local user accounts on my freeradius server. I setup a test box and messed around with a few ideas on how to get it working and I finally got something to work. I figured I would share my results if anyone is interested. I was was able to get the mysql authentication to work by using both the yubikey PAM module and the pam-mysql module http://pam-mysql.sourceforge.net/. I just pointed the pam-mysql module to look at the mysql table I was already using with my freeradius mysql setup. I wanted to migrate users from mysql authentication to yubikey+mysql authentication. Using the radgoupcheck table I set the Auth-Type := Pam, and the Fall-Through := 1, so I could migrate users group by group. pam radius config file --------------------- auth required pam_yubico.so authfile=/etc/yubikeyid id=16 debug auth required /lib/security/pam_mysql.so user=dbadmin passwd=xxx host=localhost db=radius_db01 table=radcheck usercolumn=UserName passwdcolumn=Value crypt=0 account required /lib/security/pam_mysql.so user=dbadmin passwd=xxx host=localhost db=radius_db01 table=radcheck usercolumn=UserName passwdcolumn=Value crypt=0 |
|
| Page 1 of 1 | All times are UTC + 1 hour |
| Powered by phpBB® Forum Software © phpBB Group https://www.phpbb.com/ |
|