I have setup a basic NCS (version 4.5.1) server and would like to use External Authentication to Radius. The scripts are ready, but the problem is that the username/password seem not to be provided to the authentication script.
Some more details;
In /etc/ncs/ncs.conf;
<external-authentication> <enabled>true</enabled> <executable>/usr/local/bin/nso-radius-auth.py</executable> </external-authentication>
Testscript;
#!/usr/bin/python3.6
import os
import sys
fo = open(“/tmp/foo.txt”, “w”)
fo.write( “Arguments:\n”)
fo.write(‘\n’.join(sys.argv[0:]))
fo.close()
print(“accept ncsadmin ncsoper 9999 9999 /tmp”);
Login works, because of the last line. However after doing;
otter@sambal:~$ ssh tailf@nso-01-tst -p 2024
tailf@nso-01-tst’s password:
tailf connected from 10.10.77.7 using ssh on nso-01-tst
in /tmp/foo.txt the output is as follows;
[root@nso-01-tst ncs]# cat /tmp/foo.txt
Arguments:
/usr/local/bin/nso-radius-auth.py
So, without the username and password, there is no method to do the Radius check within the script.
Is there anyone that can provide me with a hint what I’m doing wrong?