I am trying to integrate Radius server 3.0.13 with SSHD so I can enable 2FA. The SSH server is RHEL 8.5.
I keep getting the error "pam_radius_auth all radius servers failed to respond".
In my SSH Radius client I have the following setup:

/etc/nsswitch.conf:
passwd: files sss ldap
shadow: files sss ldap
group: files sss ldap
hosts: files dns myhostname
bootparams: nisplus [NOTFOUND=return] files
ethers: files
netmasks: files
networks: files
protocols: files
rpc: files
services: files sss
netgroup: files sss ldap
publickey: nisplus
automount: files sss ldap
aliases: files nisplus

/etc/pam_radius.conf:
radius01 token 100

/etc/pam.d/sshd:
auth required pam_env.so
auth sufficient pam_radius_auth.so
auth requisite pam_succeed_if.so uid >= 500 quiet
auth required pam_deny.so
account sufficient pam_succeed_if.so uid < 500 quiet
account required pam_permit.so
password requisite pam_cracklib.so try_first_pass retry=3
password required pam_deny.so
session required pam_selinux.so close
session required pam_limits.so
session [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid
session required pam_mkhomedir.so umask=0077
session required pam_selinux.so open

/etc/ssh/sshd_config:
Protocol 2
Port 22
ListenAddress 0.0.0.0
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_ecdsa_key
HostKey /etc/ssh/ssh_host_ed25519_key
SyslogFacility AUTHPRIV
LogLevel INFO
StrictModes yes
PasswordAuthentication yes
ChallengeResponseAuthentication yes
UsePAM yes
PubkeyAuthentication no
# Kerberos options
KerberosAuthentication no
KerberosOrLocalPasswd no
KerberosTicketCleanup no
GSSAPIAuthentication yes
GSSAPICleanupCredentials no
Banner /etc/login-banner
Subsystem sftp /usr/libexec/openssh/sftp-server
X11Forwarding yes
MACs hmac-sha2-512,hmac-sha2-256
KexAlgorithms diffie-hellman-group-exchange-sha256
Ciphers aes256-ctr,aes192-ctr,aes128-ctr
Match Address 0.0.0.0/0
# Everyone else
Banner /etc/login-banner
GSSAPIAuthentication no
PubkeyAuthentication no

The SSH server has been explicitly authorised in Radius. How is it that I am getting the error "pam_radius_auth all radius servers failed to respond"?
Thanks in advance,