Language Selection

English French German Italian Portuguese Spanish

Using RADIUS to authenticate users with RSA SecurID

Filed under
HowTos

Recently I was tasked with authenticating users who carry RSA SecurID tokens. I was highly inspired by Jeff Wirth and his success using RADIUS to authenticate with SecurID Tokens on FreeBSD. While I'm not a fan of non-free software, it's possible to make each server authenticate against the non-free RSA Ace server using only free software. This isn't a perfect solution but it's useful when such a requirement is thrust upon you.

The requirements are simple. Your RSA Authentication server must be configured to allow authentication through a RADIUS server. This means that your RSA server has some sort of RADIUS server running on it or somehow you have a RADIUS server authenticating against your RSA ACE server.

As a result of the simple nature of a RADIUS server, you'll have authentication but you'll be lacking directory services. This is suboptimal but still useful in specific cases. This is an example where you want to authenticate and you can handle creating a user name, a user ID and a group ID on the local system.

First we're going to install the PAM module that authenticates against our RADIUS server:

Full Story.

More in Tux Machines

Argos Uses GNU/Linux, Windows Leads Only to Malware

Last year we reported that another British giant, Ryman (smaller than Argos, but still a highstreet chain), had moved to GNU/Linux. They told me that had dumped it due to Windows malware. Read more

Linux 4.1 Has Improvements For The Multi-Queue Block Layer

The latest good stuff for the Linux 4.1 kernel are the block core improvements, which mostly are focused on improving the multi-queue block layer (blk-mq). Read more

Watch Out Google, DARPA Just Open Sourced All This Swish 'Dark Web' Search Tech

Google appears to be an indomitable force. But, with today’s release from the US military’s research arm of its Memex search technologies and Europe’s competition investigation into the Mountain View giant, it might be a propitious time for tech-minded entrepreneurs to start building a Google killer. Read more