Language Selection

English French German Italian Portuguese Spanish

Using RADIUS to authenticate users with RSA SecurID

Filed under
HowTos

Recently I was tasked with authenticating users who carry RSA SecurID tokens. I was highly inspired by Jeff Wirth and his success using RADIUS to authenticate with SecurID Tokens on FreeBSD. While I'm not a fan of non-free software, it's possible to make each server authenticate against the non-free RSA Ace server using only free software. This isn't a perfect solution but it's useful when such a requirement is thrust upon you.

The requirements are simple. Your RSA Authentication server must be configured to allow authentication through a RADIUS server. This means that your RSA server has some sort of RADIUS server running on it or somehow you have a RADIUS server authenticating against your RSA ACE server.

As a result of the simple nature of a RADIUS server, you'll have authentication but you'll be lacking directory services. This is suboptimal but still useful in specific cases. This is an example where you want to authenticate and you can handle creating a user name, a user ID and a group ID on the local system.

First we're going to install the PAM module that authenticates against our RADIUS server:

Full Story.

More in Tux Machines

Why open source could be IBM's key to future success in the cloud

Do those same developers need IBM? Developers certainly benefit from IBM's investments in open source, but it's not as clear that those same developers have much to gain from IBM's cloud. Google, for example, has done a stellar job open sourcing code like TensorFlow and Kubernetes that feeds naturally into running related workloads on Google Cloud Platform. Aside from touting its Java bonafides, however, IBM has yet to demonstrate that developers get significant benefits for modern workloads on its cloud. That's IBM's big challenge: Translating its open source expertise into real, differentiated value for developers on its cloud. Read more

Top 8 Debian-Based Distros

Most people tend to forget that despite Ubuntu's success over the years, it's still just a distro based on another distro - Debian. Debian on its own, however, isn't really well suited for newer users...hence the explosion of distros based on Debian over the recent years. There are lot of great choices for Linux users. Which one is best for you? Read more

Compact, rugged IoT gateway offers dual GbE with PoE

Inforce has launched a $250 “Inforce 6320” IoT gateway that runs Linux on a quad -A53 Snapdragon 410, and offers WiFi, BT, GPS, HDMI, USB, -30 to 85°C support, and dual GbE ports with PoE. Inforce Computing’s $250 Inforce 6320 is a compact (170 x 95 x 42mm) IoT gateway that runs Ubuntu Core (Snappy) and Debian on Qualcomm’s Snapdragon 410E. Inforce promises “periodic upstream kernel based BSP releases [that] include in-depth documentation along with a host of royalty-free software.” The Debian BSP includes LXDE, drivers for all available interfaces, as and access to the Inforce TechWeb tech support services. Read more

Today in Techrights