> Once upon a time Kelly French shaped the electrons to say...
> >Why use radius?? why not stick with a /etc/passwd file??
>
> If you have a distributed network, RADIUS allows different macines to all
> connect to the same security server easily.
>
> If you're using one Linux box - seems to me /etc/password is easier for
> one box.
The best solution for multi-computer authentication is not RADIUS, but
rather Kerberos. Where RADIUS is nice is that it is a common way of
telling various types of terminal servers configuration information for
dial-in users and accounting for these dial-in users. It is IMHO a
special purpose authenticator (even if it could be used in a more general
setting), whereas Kerberos support is available in almost all system
services (ftp, telnet/rlogin, pop, imap, http, etc.)
Unfortunately Livingston radiusd does not support Kerberos
authentication. When will this be available?
Evan
-- Evan Champion * Director, Network Operations mailto:evanc@synapse.net * Directeur, Exploitation du reseau http://www.synapse.net/ * Synapse Internet