Re: radius server that reads from a file other than /etc/passwd/shadow

Jeff Haas (jmh@recepsen.aa.msen.com)
Tue, 11 Jun 1996 10:01:33 -0400 (EDT)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Robert Hanson: "Re: Getting the status of a Portmaster (fwd)"
Previous message: Joe Hartley: "Multiple BRI's on a BRI-5?"

Mickey was heard to say:
> One more question--has anyone hacked radius to get passwords from files
> other than /etc/passwd and /etc/shadow? This would be very helpful in
> keeping a backup radius server and not worrying about giving all the users
> access to the 2nd machine as well.

My suggestion is don't use the shadowed password at all.
Build RADIUS entries for each of the userids and then store
the entries in the DBM form of RADIUS. It requires a short
amount of time to build the necessary script, a small hack
to RADIUS to make it read the crypted entry and fini.

This method is easily scalable to password support for
multiple shell boxes. Also, some implementations of the
passwd file functions use linear (slow) searches. DBM
is almost guaranteed to be faster.

-- 
Jeff Haas, Systems Administrator, MSEN Inc.
"Miracles done daily.  The impossible takes a bit longer."

Next message: Robert Hanson: "Re: Getting the status of a Portmaster (fwd)"
Previous message: Joe Hartley: "Multiple BRI's on a BRI-5?"