RADIUS server // local authentication and authorization via unix + pam

Yeah, its sucks. Use this option in only secured networks! Check /etc/pam.d for radiusd file. /etc/raddb/clients.conf client { ipv4addr = secret = mysecret shortname = myshortname } /etc/raddb/radius.conf You wanna read /etc/shadow? Become root. —> Yeah, its sucks. Use this option in only secured networks! user = root group = root /etc/raddb/sites-enabled/default Section […]

Gentoo + Squid + Radius Auth + sslBump + remote SquidClamav + SquidGuard // intransparent official proxy in corporate environment

What to know: Squid caches and breaks clients encryption in MITM style. After clients request he establishes conections to both server and client. To the server he impersonates a client and checks servers certificates. Dismissed Server certs will be reported to the real client. To the client he acts like a server. After a succeful […]

Radius testing

Avoid all these linux console tools named like ‘radiusclient’. Install freeradius Test your stuff with # radtest USERNAME USERPASS HOST 0 THESECRET Testing with SQUID: # /usr/libexec/squid/basic_radius_auth -h HOST -w SECRET Then type USERNAME USERPASS at the prompt. Will return OK or ERR…

OTRS | Configuration hints

Check the passwd file, the home of the usre otrs must be /var/lib/otrs (or better: the current directoty hosting otrs stuff). Remove the .dist extensions from crontab templates. Run Cron.sh Grab incoming mails via fetchmail. Run fetchmail as a daemon. /etc/fetchmailrc shouls contain poll imap.mailserver.de protocol IMAP user otrsmailuser password otrsmailuserpassword ssl is otrs Using […]