Re: Problem with Merit realms and Rlogin users
William Bulley (web@merit.edu)
Wed, 14 Aug 1996 10:49:21 -0400 (EDT)
According to David Carmean:
>
> Summary: Rlogin fails because user@realm.name is passed to rlogind.
>
> I'm running a slightly tweaked version of Merit RADIUS (2.4.16...I know,
> I should upgrade). I need to start using realms, 'cause we're gonna
> share some modems with another ISP. Works fine for PPP logins, but
> if a realm is used for a shell login, the portmaster passes
> 'user@realm.name' to rlogind.
>
> Have I broken something in the Merit code? Is/can the RADIUS response
> (be) used to change the username on the Portmaster/NAS so that rlogin
> gets the correct argument?
>
> Otherwise, I don't know how realms could ever be used in an environment
> that allows shell logins.
Here in MichNet we don't use rlogin for the obvious security reasons...
However, if you insist :-) it may be possible to tweak the code to
use the parsed User-Id (experimental attribute 222) i.e., just the
name with the "@realm" removed.
I'm just guessing here, so don't quote me, like I said, we don't use this.
Regards,
web...
--
William Bulley, N8NXN Senior Systems Research Programmer
Merit Network Inc. Domain: web@merit.edu
4251 Plymouth Road MaBell: (313) 764-9993
Ann Arbor, Michigan 48105-2785 Fax: (313) 747-3185