Package freeradius

High-performance and highly configurable free RADIUS server

http://www.freeradius.org/

The FreeRADIUS Server Project is a high performance and highly configurable
GPL'd free RADIUS server. The server is similar in some respects to
Livingston's 2.0 server. While FreeRADIUS started as a variant of the
Cistron RADIUS server, they don't share a lot in common any more. It now has
many more features than Cistron or Livingston, and is much more configurable.

FreeRADIUS is an Internet authentication daemon, which implements the RADIUS
protocol, as defined in RFC 2865 (and others). It allows Network Access
Servers (NAS boxes) to perform authentication for dial-up users. There are
also RADIUS clients available for Web servers, firewalls, Unix logins, and
more. Using RADIUS allows authentication and authorization for a network to
be centralized, and minimizes the amount of re-configuration which has to be
done when adding or deleting new users.

File Formats (Section 5)
clients.conf
The clients.conf file contains definitions of RADIUS clients. The information in this file overrides any information provided in the deprecated clients and...
dictionary
The master RADIUS dictionary file resides in /etc/raddb/dictionary. It references other dictionary files located in /usr/local/share/freeradius/. Each...
radiusd.conf
The radiusd.conf file resides in the radius database directory, by default /etc/raddb. It defines the global configuration for the FreeRADIUS RADIUS server.
radrelay.conf
The radrelay.conf file resides in the radius database directory, by default /etc/raddb. It defines the global configuration for the FreeRADIUS server, when the...
rlm_always
The rlm_always module provides a simple way to "always" return a value during the processing of a configuration section. The main configuration item is rcode...
rlm_attr_filter
The rlm_attr_filter module exists for filtering certain attributes and values in received ( or transmitted ) radius packets. It gives the server a flexible...
rlm_chap
The rlm_chap module provides CHAP functionality. This module validates a user with CHAP authentication. If called in Authorize, it will look for CHAP-Password...
rlm_counter
The rlm_counter module provides a general framework to allow access based on accumulated usage of a resource, such as total time online in a given period, total...
rlm_detail
The rlm_detail module writes radius packets to 'detail' files. It is primarily used for storing accounting information, but can be used in other sections to...
rlm_digest
The rlm_digest module authenticates RADIUS Access-Request packets that contain Cisco SIP digest authentication attributes. The module should be listed in the...
rlm_expr
The rlm_expr module allows the server to perform limited mathematical calculations. This module is not called directly in any section, it is invoked through the...
rlm_files
The rlm_files module uses the 'users' file for accessing authorization information for users. Additionally, it supports a 'users' file syntax to be applied to...
rlm_idn
When instantiated, the rlm_idn module provides an xlat for performing IDNA encoding of internationalized domain names. Decoding and other similar encodings like...
rlm_mschap
The rlm_mschap module provides MS-CHAP and MS-CHAPv2 authentication support. This module validates a user with MS-CHAP or MS-CHAPv2 authentication. If called in...
rlm_pap
The rlm_pap module authenticates RADIUS Access-Request packets that contain a User-Password attribute. The module should also be listed last in the authorize...
rlm_passwd
The rlm_passwd module provides authorization via files similar in format to /etc/passwd. This module allows you to retrieve any account information from any...
rlm_realm
The rlm_realm module parses the User-Name attribute into a User section and a Realm section. This is used primarily in a proxy situation, however, Realms can...
rlm_sql
The rlm_sql module provides an SQL interface to retrieve authorization information and store accounting information. It can be used in conjunction with, or in...
rlm_unix
The rlm_unix module reads crypt(3) passwords from the system password file, and allows the server to use them for authentication. The module also provides...
unlang
FreeRADIUS supports a simple processing language in its configuration files. We call it an "un-language" because the intention is NOT to create yet another...
users
The users files reside in the files module configuration directory, by default /etc/raddb/mods-config/files/. It contains a series of configuration directives...
System Administration (Section 8)
raddebug
raddebug is a shell script wrapper around radmin that automates the process of obtaining debugging output from a running server. It does this without impacting...
radiusd
FreeRADIUS is a high-performance and highly configurable RADIUS server. It supports many database back-ends such as flat-text files, SQL, LDAP, Perl, Python...
radmin
FreeRADIUS Server administration tool that connects to the control socket of a running server, and gives a command-line interface to it. At this time, only a...
radrelay
The functions of radrelay have been added to radiusd. One benefit is that one instance of radiusd can read multiple detail files, among others. The rlm_sql_log...