From owner-freebsd-questions Thu Feb 13 14:34:11 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id OAA14114 for questions-outgoing; Thu, 13 Feb 1997 14:34:11 -0800 (PST) Received: from merit.edu (merit.edu [35.1.1.42]) by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id OAA14100 for ; Thu, 13 Feb 1997 14:34:06 -0800 (PST) Received: from ohm.merit.edu (ohm.merit.edu [198.108.60.65]) by merit.edu (8.8.5/merit-2.0) with ESMTP id RAA28104; Thu, 13 Feb 1997 17:34:03 -0500 (EST) From: William Bulley Received: (web@localhost) by ohm.merit.edu (8.6.9/8.6.5) id RAA13505; Thu, 13 Feb 1997 17:34:24 -0500 Message-Id: <199702132234.RAA13505@ohm.merit.edu> Subject: Re: Radius problems? To: lee.burns@mosby.com (Lee Burns) Date: Thu, 13 Feb 1997 17:34:24 -0500 (EST) Cc: freebsd-questions@freebsd.org In-Reply-To: <3303AB35.24AD@mosby.com> from "Lee Burns" at Feb 13, 97 04:00:53 pm X-Mailer: ELM [version 2.4 PL25] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-questions@freebsd.org X-Loop: FreeBSD.org Precedence: bulk According to Lee Burns: > > Hi, I retrieved Merit Radius 2.4.3 from the FreeBSD site but cannot > seem to get authentication of even simple "dumb" IDs. I'm trying > to use a realm of my domain and forward non-realm or null requests > to another server. > > I don't define any users in the users file but specify realm & Unix-PW > which *should* mean lookup in /etc/passwd then determine dumb, ppp, > etc. > > How in the heck does it figure out about the special non-shadow copy > of passwd which actually has the passwords in it? Does Radius > *actuall* work on 2.1.5? Does anyone have sample authfile / clients / > users files they can forward? That version is so old that I can't remember when it was released! :-) The latest released version is 2.4.23C from the public FTP site: ftp://ftp.merit.edu/radius/releases/radius.*.tar.{z,gz} it is wooking in hundreds of places and even runs on FreeBSD! :-) The way you specify users is up to you, but I would not put any of them in the users file. When you specify Authentication-Type = Realm you imply that the RADIUS server should next look in the authfile (by the realm of the user: user@realm). In there is should find the type of authentication to use (by realm) on the entry for that realm. If you want UNIX type password lookup (/etc/passwd) then the authentication type you would place in the second field of the authfile entries is UNIX-PW. The shodow or non-shadow-ness of passwords is handled by the operating system when the RADIUS server calls getpwnam(3)... And yes Merit RADIUS actually works on 2.1.5! Other Merit questions to me. Regards, web... -- William Bulley, N8NXN Senior Systems Research Programmer Merit Network, Inc. Email: web@merit.edu 4251 Plymouth Road, Suite C Phone: (313) 764-9993 Ann Arbor, Michigan 48105-2785 Fax: (313) 647-3185 [ What's all the fuss over the end of the century with mission critial ] [ programs failing due to dates? If people simply started using Roman ] [ Numerials the problem vanishes! MCM = 1900 MCMXCIX = 1999 MM = 2000 ]