/etc/freeradius/3.0/sites-enabled/default[521]: Failed to find "pam" as a module or policy.
/etc/freeradius/3.0/sites-enabled/default[521]: Please verify that the configuration exists in /etc/freeradius/3.0/mods-enabled/pam.
/etc/freeradius/3.0/sites-enabled/default[483]: Errors parsing authenticate section.
↧
Re: Adding Two-Factor Authentication to FreeRADIUS
↧
Re: F5 BIG-IP LTM VE Initial Configuration
Hello,
At the end of the 90 days is it possible to renew the licence or is it over?
Guillaume
↧
↧
Re: F5 BIG-IP LTM VE Initial Configuration
Guillaume,
The 90-day trial license is no longer available if I recall correctly. I never tried to reapply another license. Even if it doesn't let you make sure to save a UCS file so when you have to rebuild it, then you have a copy of your lab environment.
Thanks,
Andrew
↧
Re: How to configure EdgeRouter Lite via CLI – Part 1
I had problems in the past deleting the ubnt account because files were leftover that had a uid of 1000, but the new admin had a uid of 1001. So could not access some files and many things silently crashed. What i am testing now is
$ echo do the following from the serial console.
$ echo The root user can only logon from the serial console by default, not ssh.
$ logon as ubnt
$ sudo su -
# passwd
# Set a passwd for root
# Repeat passwd for root
# exit
$ exit
login: root
passwd: new root passwd
# userdel --remove ubnt
# useradd --uid 1000 --gid 100 --create-home --groups users adm disk sudo dip vyattacfg quaggavty newUsername
# id newUsername
# reboot # now logon as newUsername
↧
Re: Securing SSH with Google Authenticator
I'd like all users to require the key, except root. How to do that?
↧
↧
Re: Securing SSH with Google Authenticator
I don't recommend keeping the root account active, but sounds like you have a use case that requires it to be active. The nullok line, as mentioned in the article, should take care of user accounts with no key yet.
↧
Re: Adding Two-Factor Authentication to FreeRADIUS
The guide losts a step to copy
/etc/freeradius/3.0/mods-available/pam to /etc/freeradius/3.0/mods-enabled/pam
↧
Re: Adding Two-Factor Authentication to FreeRADIUS
This post is based on FreeRADIUS 2.x. The new guide is covered in the FreeRADIUS 3.0 with Two-Factor Authentication (2FA) article. It does have the symbolic link, so no need to copy.
↧
Re: My Semi-Managed Switch – TL-SG2008
This article is now several years old and folks landing on this via a search should know that the latest hardware version of this switch is now up to V 3 . Also, the firmware has gone through several revisions and it appears that some of the issues posted here have been addressed.
I may do further testing to confirm.
I guess also it would be nice if reviewers posted the hardware and firmware version of the devices they are testing so that others that stumble on possibly outdated information would be able to compare.
Please consider that for future writings...
↧
↧
Re: Adding Two-Factor Authentication to FreeRADIUS
hi this seems really late but im trying to configure this option 2 and i keep getting the error in freeradius -X
(1) Failed to authenticate the user
(1) Using Post-Auth-Type Reject
(1) # Executing group from file /etc/freeradius/3.0/sites-enabled/default
(1) Post-Auth-Type REJECT {
(1) attr_filter.access_reject: EXPAND %{User-Name}
(1) attr_filter.access_reject: --> dan-paolo.antazo
(1) attr_filter.access_reject: Matched entry DEFAULT at line 11
(1) [attr_filter.access_reject] = updated
(1) [eap] = noop
(1) policy remove_reply_message_if_eap {
(1) if (&reply:EAP-Message && &reply:Reply-Message) {
(1) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE
(1) else {
(1) [noop] = noop
(1) } # else = noop
(1) } # policy remove_reply_message_if_eap = noop
(1) } # Post-Auth-Type REJECT = updated
(1) Delaying response for 1.000000 seconds
Hope you can help me I'm new to this
↧
Re: FreeRADIUS 3.0 with Two-Factor Authentication (2FA)
I'm stuck on this for a 3 days already.. I'm getting
pam: ERROR: pam_authenticate failed: Authentication failure
[pam] = reject
Failed to authenticate the user
Can anyone help me? Thanks!
↧
Re: Securing Cisco ASA SSH server
Great article Andrew, Thank you!
↧
Re: Adding Two-Factor Authentication to FreeRADIUS
I got the same... Do you have solution for this?
↧
↧