Welcome to Linux Knowledge Base and Tutorial
"The place where you learn linux"
Karen Lilly Creations

 Create an AccountHome | Submit News | Your Account  

Tutorial Menu
Linux Tutorial Home
Table of Contents

· Introduction to Operating Systems
· Linux Basics
· Working with the System
· Shells and Utilities
· Editing Files
· Basic Administration
· The Operating System
· The X Windowing System
· The Computer Itself
· Networking
· System Monitoring
· Solving Problems
· Security
· Installing and Upgrading
· Linux and Windows

Glossary
MoreInfo
Man Pages
Linux Topics
Test Your Knowledge

Site Menu
Site Map
FAQ
Copyright Info
Terms of Use
Privacy Info
Disclaimer
WorkBoard
Thanks
Donations
Advertising
Masthead / Impressum
Your Account

Communication
Feedback
Forums
Private Messages
Surveys

Features
HOWTOs
News Archive
Submit News
Topics
User Articles
Web Links

Google
Google


The Web
linux-tutorial.info

Who's Online
There are currently, 73 guest(s) and 0 member(s) that are online.

You are an Anonymous user. You can register for free by clicking here

  

radiusd




SYNOPSIS

       radiusd [-A] [-S] [-a accounting_directory] [-b] [-c]  [-d
       config_directory]  [-f] [-i ip-address] [-l log_directory]
       [-g facility] [-p port] [-s] [-v] [-x] [-X] [-y] [-z]


DESCRIPTION

       This is the FreeRADIUS implementation of  the  well  known
       radius  server  program.   Even  though  this  program  is
       largely compatible with Livingston's radius  version  2.0,
       it's not based on any part of that code.

       RADIUS is a protocol spoken between an access server, typ­
       ically a device connected to several modems or ISDN lines,
       and  a  radius  server. When a user connects to the access
       server, (s)he is asked for a  loginname  and  a  password.
       This  information  is  then sent to the radius server. The
       server replies with "access denied", or  "access  OK".  In
       the  latter  case login information is sent along, such as
       the IP address in the case of a PPP connection.

       The access server also sends login and logout  records  to
       the radius server so accounting can be done. These records
       are kept for each terminal server  seperately  in  a  file
       called   detail,   and  in  the  wtmp  compatible  logfile
       /var/log/radwtmp.


OPTIONS

       -A     Write a file detail.auth in addition to  the  stan­
              dard  detail  file in the same directory. This file
              will   contain   all   the   authentication-request
              records.  This can be useful for debugging, but not
              for normal operation.

       -S     Write the stripped  usernames  (without  prefix  or
              suffix)  in  the  detail  file  instead  of the raw
              record as received from the terminal server.

              This command line option is  deprecated.   See  the
              log_stripped_names   configuration   item   in  the
              radiusd.conf file.

       -a accounting directory
              This defaults to /var/log/radacct. If  that  direc­
              tory exists, radiusd will write an ascii accounting
              record into a detail file  for  every  login/logout
              recorded.  The  location  of  the  detail  file  is
              acct_dir/terminal_server/detail.

              This command line option is  deprecated.   See  the
              This  command  line  option is deprecated.  See the
              log_dir  configuration  item  in  the  radiusd.conf
              file.

       -g facility
              Specifies  the  syslog  facility to be used with -l
              syslog.  Default  is  daemon.  Another   reasonable
              choice would be authpriv.

       -d config directory
              Defaults  to /etc/raddb. Radiusd looks here for its
              configuration files such as the dictionary and  the
              users files.

       -i ip-address
              Defines  which IP addres to bind to for sending and
              receiving packets- useful for multi-homed hosts.

              This command line option is  deprecated.   See  the
              bind_address configuration item in the radiusd.conf
              file.

       -b     If the radius server binary was compiled  with  dbm
              support,  this  flag  tells  it to actually use the
              database files instead of the flat users file.

              This command line option is  deprecated,  and  does
              not do anything.

       -c     This  is  still an experimental feature.  Cache the
              password, group and shadow files in a hash-table in
              memory.   This  makes  the radius process use a bit
              more memory, but username lookups in  the  password
              file are much faster.

              After  every change in the real password file (user
              added, password changed) you need to send a  SIGHUP
              to the radius server to let it re-read its configu­
              ration and the password/group/shadow files !

              This command line option is  deprecated.   See  the
              cache configuration item for the unix module in the
              radiusd.conf file.

       -f     Do not fork, stay running as a foreground  process.

              authentication request. With this flag  the  server
              will  not do that. It won't even "daemonize" (auto-
              background) itself.

       -x     Debug mode. In this  mode  the  server  will  print
              details  of  every  request  on it's stderr output.
              Most useful in combination with -s.  You can  spec­
              ify this option 2 times (-x -x or -xx) to get a bit
              more debugging output.

       -X     Extended debug mode.  Equivalent to -sfxx, but sim­
              pler to explain.

       -y     Write details about every authentication request in
              the radius.log file.

              This command line option is  deprecated.   See  the
              log_auth  configuration  item  in  the radiusd.conf
              file.

       -z     Include the password in the  radius.log  file  even
              for successful logins. This is very insecure!.

              This  command  line  option is deprecated.  See the
              log_auth_badpass and the log_auth_goodpass configu­
              ration items in the radiusd.conf file.


CONFIGURATION

       Radiusd  uses  a  number of configuration files. Each file
       has it's own manpage describing the format  of  the  file.
       These files are:

       radiusd.conf
              The  main configuration file, which sets the admin­
              istrator-controlled items.

       dictionary
              This file is usually static.  It  defines  all  the
              possible  RADIUS  attributes used in the other con­
              figuration files.  You don't have to modify it.  It
              includes  other dictionary files in the same direc­
              tory.

       clients
              [ Deprecated ] Contains the IP address and a secret
              key  for  every client that wants to connect to the
              server.
              is.

       hints  Defines certain hints to the radius server based on
              the  users's  loginname or other attributes sent by
              the access server. It  also  provides  for  mapping
              user  names  (such  as Pusername -> username). This
              provides the functionality that the Livingston  2.0
              server  has as "Prefix" and "Suffix" support in the
              users file, but is more general. Ofcourse the  Liv­
              ingston  way of doing things is also supported, and
              you can even use both at the same time (within cer­
              tain limits).

       huntgroups
              Defines  the huntgroups that you have, and makes it
              possible to restrict access to  certain  huntgroups
              to certain (groups of) users.

       users  Here  the  users  are  defined. On a typical setup,
              this file mainly contains DEFAULT entries  to  pro­
              cess  the different types of logins, based on hints
              from the hints file. Authentication is  then  based
              on  the contents of the UNIX /etc/passwd file. How­
              ever it is also possible to define all  users,  and
              their passwords, in this file.


SEE ALSO

       radiusd.conf(5),    users(5),   huntgroups(5),   hints(5),
       clients(5), dictionary(5).


AUTHOR

       Miquel van Smoorenburg, miquels@cistron.nl, and others.

                           23 June 2003                RADIUSD(8)

An undefined database error occurred. SELECT distinct pages.pagepath,pages.pageid FROM pages, page2command WHERE pages.pageid = page2command.pageid AND commandid =


  
Help us cut cost by not downloading the whole site!
Use of automated download sofware ("harvesters") such as wget, httrack, etc. causes the site to quickly exceed its bandwidth limitation and therefore is expressedly prohibited. For more details on this, take a look here

Login
Nickname

Password

Security Code
Security Code
Type Security Code


Don't have an account yet? You can create one. As a registered user you have some advantages like theme manager, comments configuration and post comments with your name.

Help if you can!


Amazon Wish List

Did You Know?
The Linux Tutorial can use your help.


Friends



Tell a Friend About Us

Bookmark and Share



Web site powered by PHP-Nuke

Is this information useful? At the very least you can help by spreading the word to your favorite newsgroups, mailing lists and forums.
All logos and trademarks in this site are property of their respective owner. The comments are property of their posters. Articles are the property of their respective owners. Unless otherwise stated in the body of the article, article content (C) 1994-2013 by James Mohr. All rights reserved. The stylized page/paper, as well as the terms "The Linux Tutorial", "The Linux Server Tutorial", "The Linux Knowledge Base and Tutorial" and "The place where you learn Linux" are service marks of James Mohr. All rights reserved.
The Linux Knowledge Base and Tutorial may contain links to sites on the Internet, which are owned and operated by third parties. The Linux Tutorial is not responsible for the content of any such third-party site. By viewing/utilizing this web site, you have agreed to our disclaimer, terms of use and privacy policy. Use of automated download software ("harvesters") such as wget, httrack, etc. causes the site to quickly exceed its bandwidth limitation and are therefore expressly prohibited. For more details on this, take a look here

PHP-Nuke Copyright © 2004 by Francisco Burzi. This is free software, and you may redistribute it under the GPL. PHP-Nuke comes with absolutely no warranty, for details, see the license.
Page Generation: 0.08 Seconds