[sudo-users] Re: Configuring SUDO with SecurID
Asif Iqbal
iqbala at qwestip.net
Sun Jun 13 19:18:50 EDT 2004
Jeanne_D_Chaff at KeyBank.com wrote:
>
>
>
>
>
> I am running sudo 1.6.7p5 on AIX 5.2 and would like to include SecurID in
> my implementation. I am looking the correct syntax for the SecurID flag.
>
> Thanks for the help.
>
> Jeanne
I installed sudo --with-pam. Then I installed the pam_radius and then in
my Solaris pam.conf file I added this entry
sudo auth required /usr/lib/security/pam_radius_auth.so.1
Now in the /etc/raddb/server (you have to create that file and make sure
readonly by root)
# server[:port] shared_secret timeout (s)
1.2.3.4 Ch00s30ne 5
The ip is your securid server's ip. And the shared secret key is the key
for the client that you must add through the ace client
Thats all for the client
Now on the server you have make sure your radius daemon in running on
udp port 1645 (default)
Notice you could configure any daemon with pam and add the daemon in the
pam.conf file, for example for sshd
Enjoy
--
Asif Iqbal
PGP Key: 0xE62693C5 KeyServer: pgp.mit.edu
There's no place like 127.0.0.1
More information about the sudo-users
mailing list