I am in the process of setting up the authpf(8) service on OpenBSD 6.1.
would like to have the users authenticate using radius. I have setup
login.conf (below) appropriately to achieve this, however I find that
I try to login with a user that is not on the system, the radius
authentication fails. I see that sshd(8) is sending out two radius auth
requests. One has the username w/o a password and one has a user of
with a password. Looking at the ssh code I can see that sshd is looking
for an account with the username and since one doesn't exist it is
fakepw() to process fake information. I was trying to avoid having to
the ypldap(8) + ldapd(8) dance to have user accounts on the system.
So my question, is there a way to setup authenticate users against
without needing their accounts local or in YP?