From owner-freebsd-isp  Wed Feb 14 21:45:06 1996
Return-Path: owner-isp
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.3/8.7.3) id VAA14143
          for isp-outgoing; Wed, 14 Feb 1996 21:45:06 -0800 (PST)
Received: from black.gensys.com (black.gensys.com [206.109.98.10])
          by freefall.freebsd.org (8.7.3/8.7.3) with SMTP id VAA14138
          for <freebsd-isp@freebsd.org>; Wed, 14 Feb 1996 21:45:02 -0800 (PST)
Received: (from jhupp@localhost) by black.gensys.com (8.6.12/8.6.12) id XAA02914; Wed, 14 Feb 1996 23:44:14 -0600
From: Jeff Hupp <jhupp@black.gensys.com>
Message-Id: <199602150544.XAA02914@black.gensys.com>
Subject: Re: RADIUS
To: map@iphil.net (Miguel A.L. Paraz)
Date: Wed, 14 Feb 1996 23:44:13 -0600 (CST)
Cc: freebsd-isp@freebsd.org
In-Reply-To: <199602150444.MAA08392@marikit.iphil.net> from "Miguel A.L. Paraz" at Feb 15, 96 12:44:10 pm
X-Mailer: ELM [version 2.4 PL24 ME8a]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-isp@freebsd.org
Precedence: bulk

> Andrew Webster wrote:
> 
>  
> > Is there anyone working on RADIUS support for FreeBSD so that it can be 
> > used as a smart terminal server?
> 
> Yes, I am going to put some work into this.
> 
> Any suggestions or code are appreciated!

	The Houston (Tx, USA) computer club's Internet system is running a
radiusd that I have hacked on.  It provides access classes via the CLASS
field in the FreeBSD user database (Major classes are RLOGIN, SLIP, CSLIP,
PPP but specific users can be added to the /etc/raddb/users file for
dedicated links, demos w/out access to the Unix box, etc) and each class
only takes one entry in the /etc/raddb/users file (the lookup in this file
is done on the CLASS field, not the login name) allowing us to completely
ignore the the /etc/raddb/users file when creating accounts ~ all we do is
set the class field to RLOGIN, SLIP, CSLIP, or PPP and the user gets that
type of connection. 

	The user also has a shell account that (s)he can telnet into via 
their IP connection or from a remote host to access Unix services.  We 
have also hacked chpass(1) to take a -c option and allow the user to 
change their class at will.

	The radiusd from Livingston is quite hackable, and you an do just 
about anything with it you want.

	We are running four 30 line portmasters with a total of 120 lines, 
and keep all the user accounts (1400+) on one FreeBSD box ~ most users 
don't touch it.  It's also our web (http://hal-pc.org) server and mail 
server.  We have a separate box for news.  We love FreeBSD....

	If there is intrest in this, I'll spend some time making it into 
a package/port.

--
X, windows done right...
Jeff Hupp <Jhupp@gensys.com> <http://gensys.com>
PGP Public Key available at http://gensys.com or on the key servers