Language Selection

English French German Italian Portuguese Spanish

Using RADIUS to authenticate users with RSA SecurID

Filed under
HowTos

Recently I was tasked with authenticating users who carry RSA SecurID tokens. I was highly inspired by Jeff Wirth and his success using RADIUS to authenticate with SecurID Tokens on FreeBSD. While I'm not a fan of non-free software, it's possible to make each server authenticate against the non-free RSA Ace server using only free software. This isn't a perfect solution but it's useful when such a requirement is thrust upon you.

The requirements are simple. Your RSA Authentication server must be configured to allow authentication through a RADIUS server. This means that your RSA server has some sort of RADIUS server running on it or somehow you have a RADIUS server authenticating against your RSA ACE server.

As a result of the simple nature of a RADIUS server, you'll have authentication but you'll be lacking directory services. This is suboptimal but still useful in specific cases. This is an example where you want to authenticate and you can handle creating a user name, a user ID and a group ID on the local system.

First we're going to install the PAM module that authenticates against our RADIUS server:

Full Story.

More in Tux Machines

Today in Techrights

Linux, Graphics, and Linux Foundation

Leftovers: Debian and Ubuntu

  • CD/DVD Image Changes For The Upcoming Debian 9.0 Release
    With Debian 9.0 not being far away from releasing, the Debian CD Images Team has issued an update over their fundamental changes happening for this "Stretch" cycle.
  • The System76 'Galago Pro' laptop looks fantastic, $50 off for a few more days
    The Galago Pro looks like an incredibly stylish device ready for the masses with a slick aluminium casing, instead of the always cheap feeling plastic cases most tend to come with. It's slim, but best of all incredibly light for such a device at 1.3kg (2.87 lbs). It comes with Ubuntu 16.04.2 LTS or Ubuntu 17.04, a speedy 7th Gen Intel in either an i5 7200U or i7 7500U and Intel® HD Graphics 620.
  • Download Ubuntu 17.10 daily builds
    The release schedule for Ubuntu 17.10 has been announced, and you can now download the daily build ISO images as well. Daily builds can be useful to watch the progress of Ubuntu 17.10, but are not recommended for normal usage due to possible bugs and changes.

Leftovers: Software

  • GJS: What’s next?
    In my last post, I went into detail about all the new stuff that GJS brought to GNOME 3.24. Now, it’s time to talk about the near future: what GJS will bring to GNOME 3.26.
  • Sending SMS from Linux Just Got Easier with Latest Indicator KDE Connect Update
    Indicator KDE Connect now has Google Contacts integration, making it even easier to send text messages from the Linux desktop.
  • Cumulus Qt is a Lightweight Weather App for Linux
    Cumulus Qt is a Qt weather app for the Linux desktop. It's lightweight, has a bold, striking design inspired by Stormcloud, and is very customisable.
  • Vivaldi 1.10 Browser Now in Development, Will Introduce Docked Developer Tools
    Vivaldi's Ruarí Ødegaard just informed us a few moments ago that Vivaldi 1.10 will be the next major version of the free and cross-platform web browser based on the latest Chromium technologies, not Vivaldi 2.0 as many of you have hoped. Vivaldi 1.9 just hit the streets the other day as world's first web browser to ship with the Ecosia search engine enabled by default to help reforest the plane, and it now looks like Vivaldi's devs never sleep, and development of Vivaldi 1.10 starts today with the first snapshot, Vivaldi 1.10.829.3, which introduces a long-anticipated feature: Docked Developer Tools!