sudo apt-get install freeradius
//go to freeradius configure directory
cd /etc/freeradius/
//it should change to sudoer to do.
sudo su
//edit clients.conf
joe clients.conf
==========================================
client 192.168.1.0/24 {
secret = test
shortname = test1
}
==========================================
//edit users
joe users
==========================================
"test" Cleartext-Password == "1234"
Service-Type == Login-User,
Auth-Type := Local,
Reply-Message = "Radius Login Success --- %u"
==========================================
Auth-Type := Local // auth local configure settgin
Auth-Type := System // auth system user/password setting
Auth-Type := LDAP // auth LDAP
Auth-Type := Accept //always accept
Auth-Type := Reject //always reject
exec : freeradius -X // for debug use
exec : radtest test 1234 127.0.0.1 0 test
For privilege
//edit dictionary
add
==========================================
$INCLUDE /etc/freeradius/dictionary.vendor
==========================================
//edit dictionary.vendor
add
==========================================
VENDOR vendorA 222
BEGIN-VENDOR vendorA
ATTRIBUTE vendorA-Privilege-AVPair 1 string
END-VENDOR vendorA
==========================================
//edit users
add
==========================================
test14 Cleartext-Password := "1234"
Auth-Type := Local,
Service-Type == Administrative-User,
vendorA-Privilege-AVPair = "shell:priv-lvl=14",
Reply-Message = "Radius Login Success --- %u"
==========================================
For Mac-auth
add
==========================================
"00-19-CB-00-00-88" Cleartext-Password := "vendorA"
Auth-Type := Local,
Service-Type == Login-User,
Reply-Message = "Radius Login Success --- %u"
==========================================
沒有留言:
張貼留言