[snip]
| > This set-up can possibly be the answer to what we need. We are an ISP and
| > we have several packages for our clients. The unlimited package should be
| > limited to just one log-in or session at a time. Is this possible using
| > yor set-up?
Radius, at least, the livingston edition, is stateless, so you
would need something extra to achieve this.
| > Also, are you using DEFAULT on your radius database file
| > (/etc/raddb/users)?
| Yep. We use the default for shell users (it automatically rlogin's them
| to our shell machine, but you could make the default anything that you
| want. The script writes a default section after it's parsed all the
| passwd file (and doesn't write records for shell users.
using the default entry for PPP users reduced our users file
from something over 1mb (we do use db) to <40k. And for ISP's whose
main accounts are PPP, this may be the best way to do it.
radius 2.0.1 is better than 2.0, but both can die if you fsck up
your dns.
it works well with GRIC, also with a simple modification to use
a fake password file and run as a regular user. IMHO, radius really
doesnt need to run as root.
Peter
----*
-- A well fed missile is a happy missile! - TRR 1997O_u \\ Ciscomancer // P-Chan ya \\ Global OnLine Japan U \Beh! \\ Postmonster // P-Moji-Yo! \\ Steam Engine Dept