.
First, install the package:
$ sudo apt-get install libpam-radius-auth
That was pretty painless. Now let's configure it. First, let's tell pam_radius which radius server to talk to:
$ sudo vim /etc/pam_radius_auth.conf /etc/raddb/server
Not that the file says to copy it to /etc/raddb/server, but DO NOT do that.
Edit the line "other-server other-secret 3" replacing 'other-server' with IP address or hostname of your WiKID Strong Authentication server (or radius server if you have one set up in between WiKID and your servers) and change 'other-secret' the shared secret for this network client.
Now that the package is setup and pointing to your WiKID server, let's configure a service to use it.
Edit your /etc/pam.d/sshd file and add the line:
auth sufficient pam_radius_auth.so
Just above:
# Standard Un*x authentication.
@include common-auth
Now, you are ready to test. I recommend you run 'tail -f /var/log/auth.log' while you test.
Note that we have not made any changes to the account setup, so the user is expected to have a local account on the machine.
