Do you have a question? Post it now! No Registration Necessary. Now with pictures!
- Posted on
- PLink compatibility
April 30, 2015, 3:08 pm
rate this thread
They are currently using Juno Pulse, but it is too restrictive for our needs.
PLink allows us to create a much smaller tunnel, that does not restrict local area network connectivity.
But, for the dual authentication, our customer is using Entrust, as the second randomly generated dual authentication method.
I need to know if PLink is compatible with Entrust.
In speaking with the Entrust development team, they told me that Entrust will work with any VPN or tunneling program, that is RADIUS capable.
So, in a nutshell, I need to know if PLink is RADIUS compliant?
Thanks in advance, and have a great day.
Re: PLink compatibility
I hadn't heard of RADIUS at all before this post, so Plink certainly
contains no specific support for it. However, after a bit of googling,
I'm unconvinced that it needs to.
According to http://en.wikipedia.org/wiki/RADIUS , it's a network
protocol of its own, used to validate a username/password pair with a
central server. That suggests that the way in which you'd implement it
in conjunction with SSH would be at the server end: the SSH client
(e.g. Plink) would use the ordinary SSH password authentication
protocol, and the SSH server would send the username/password pair to
its local RADIUS server for approval, rather than looking it up in
whatever local password file it would normally use.
If that's true (and I stress again that this is a deduction made on
the basis of five minutes of googling), then Plink doesn't need to
support RADIUS; instead, the SSH server that Plink is connecting to
needs to support it, and if it does, then Plink will work with it
without having to know anything about RADIUS itself.
Googling for 'radius ssh' turns up pages like this one:
which supports my guess that this is something you set up at the SSH
server, and gives specific instructions for RADIUS-enabling one
particular SSH server (namely OpenSSH on Ubuntu Linux)
for k in [pow(x,37,0x1a1298d262b49c895d47f) for x in [0x50deb914257022de7fff,
0x213558f2215127d5a2d1, 0x90c99e86d08b91218630, 0x109f3d0cfbf640c0beee7,
0xc83e01379a5fbec5fdd1, 0x19d3d70a8d567e388600e, 0x534e2f6e8a4a33155123]]:
Re: PLink compatibility
That was my "belief" also.
I thought that RADIUS was simply another method of enterprise authentication, such as Active Directory, or LDAP.
And, having said that, just needed to verify.
Entrust said that "The Entrust software will work with any application that is RADIUS compliant".
Thanks for your response.
- » ssh on command line: force using a group size (prime size) of 1024 (and no...
- — Newest thread in » Secure Shell Forum