Re: Authentication File

Walter (walter@concepts.nl)
Tue, 25 Feb 1997 18:32:35 +0100

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Chuck Rouzer: "User assigning IPs"
Previous message: Chuck Rouzer: "users assigning their own IPs"
Maybe in reply to: Yohannes A Sulistyono: "Authentication File"
Next in thread: Dale E. Reed Jr.: "Re: Authentication File"

I don't like password files that don't have any kind of
encryption, so I'd go for UNIX encrypted passwords.
However, keep in mind that you'll need to update
the /etc/passwd file on your unix system (you'll NEED an unix
system btw) AND you radius "users" file.
Another thing is that Ascend ISDN terminal servers
don't like UNIX passwords.. (AFAIK that's what they told me)

Keep in mind that you don't give radius callers access on your
unix system.. So make the default shell for every user /bin/false...
Also protect rlogin, ftp, etc etc ... Your system could allow
a valid radius user to login at your machine.
However, some "hacker" or collegue could just copy/print the
radius users file ... Image a few hundred radius accounts public
available :--(

At 14:08 25-02-97 +0700, you wrote:
>Hi there,
>Can anyonw tell me which file is better for authentication, UNIX file or
>Radius Database file?
>Also, how is about the performance, security, and easy-to-maintain of
>that each file? Because as I look at the Radius database file (filename :
>users), the password is typed as clear text.

Greetinx Earthling,
Walter Tak
walter@concepts.nl

Next message: Chuck Rouzer: "User assigning IPs"
Previous message: Chuck Rouzer: "users assigning their own IPs"
Maybe in reply to: Yohannes A Sulistyono: "Authentication File"
Next in thread: Dale E. Reed Jr.: "Re: Authentication File"