Another option would be to modify rlogind's on involved machines.
Considering problems with identical login ids for different users
on different hosts I'd opt for keeping realms all the way down to
unix accounting (wtmp/utmp), but that's not an easy task (radius
supports logins up to 32 bytes long, unlike most host OSes).
Livingston could have made "stripping a realm before passing name to rlogin"
a configurable option or whatever but... see above.
>
>
> Summary: Rlogin fails because user@realm.name is passed to rlogind.
>
> I'm running a slightly tweaked version of Merit RADIUS (2.4.16...I know,
> I should upgrade). I need to start using realms, 'cause we're gonna
> share some modems with another ISP. Works fine for PPP logins, but
> if a realm is used for a shell login, the portmaster passes
> 'user@realm.name' to rlogind.
>
> Have I broken something in the Merit code? Is/can the RADIUS response
> (be) used to change the username on the Portmaster/NAS so that rlogin
> gets the correct argument?
>
> Otherwise, I don't know how realms could ever be used in an environment
> that allows shell logins.
>
> T.I.A.....
>
> --
> David Carmean WB6YZM DC574 <dlc@silcom.com>
> System/Network Administration, Silicon Beach Communications
> Unsolicited commercial e-mail not accepted. Violators will be LARTed.
>
-- Igor V. Semenyuk Internet: iga@sovam.com SOVAM Teleport Phone: +7 095 258 4170 Moscow, Russia Fax: +7 095 258 4133