Project

General

Profile

Actions

Bug #1202

closed

Shell access permission required for IPsec Xauth clients

Added by Jim Pingle almost 14 years ago. Updated over 12 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
-
Category:
-
Target version:
-
Start date:
01/16/2011
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
Release Notes:
Affected Version:
Affected Architecture:

Description

In order for a client to successfully authenticate against an IPsec mobile setup that has Xauth enabled, the user must have some form of shell access before Xauth will work.

This has been reported/confirmed by several people on IRC.

We already put users without shell access in /etc/passwd, but we also lock them out. If we had an IPsec-Xauth permission it would only need to unlock the account, and leave the shell at nologin.

Actions

Also available in: Atom PDF