[sudo-users] Re: Configuring SUDO with SecurID

Asif Iqbal iqbala at qwestip.net
Sun Jun 13 19:18:50 EDT 2004

Jeanne_D_Chaff at KeyBank.com wrote:
> I am running sudo 1.6.7p5 on AIX 5.2 and would like to include SecurID in
> my implementation.  I am looking the correct syntax for the SecurID flag.
> Thanks for the help.
> Jeanne

I installed sudo --with-pam. Then I installed the pam_radius and then in
my Solaris pam.conf file I added this entry

sudo auth required /usr/lib/security/pam_radius_auth.so.1

Now in the /etc/raddb/server (you have to create that file and make sure
readonly by root)

# server[:port] shared_secret      timeout (s)		Ch00s30ne		5

The ip is your securid server's ip. And the shared secret key is the key
for the client that you must add through the ace client

Thats all for the client

Now on the server you have make sure your radius daemon in running on
udp port 1645 (default)

Notice you could configure any daemon with pam and add the daemon in the
pam.conf file, for example for sshd


Asif Iqbal
PGP Key: 0xE62693C5 KeyServer: pgp.mit.edu
There's no place like

More information about the sudo-users mailing list