Random thoughts shooting out of volatile mind
RADIUS on Ubuntu 8.10(Interpid Ibex)

After facing many problems in Mandriva 2009 I finally changed to Ubuntu 8.10 and I'm happy with Ubuntu now. I successfully installed Free RADIUS on Ubuntu. I want to tell a few things on installing Free RADIUS on Ubuntu in this post.

First let me tell a few things about RADIUS. RADIUS(rfc 2865) stands for Remote Authentication Dial-In User Service is a protocol that provides Centralised access, Authorization and Accounting management for computers that connect to network resources. RADIUS provides AAA service (Authentication, Authorisation, Accounting). This is normally used by ISP's, for authentication in Wireless networks. It is also used for providing  IEEE 802.1x security. RADIUS supports many authentication methods which I'll elaborate on next post.

First you need to install Free RADIUS use following command to get it

$sudo apt-get install freeradius*

I mentioned * because I wanted to install all the Free RADIUS packages. Once installation is complete to check the free radius is working use follwing command

sudo freeradius -X

I want to mention one thing here normally the RADIUS daemon is named radisud, but in Ubuntu it is named as freeradius. The above command runs RADIUS daemon in debug mode and you will get a list of output on the screen. Don't worry just press Ctrl-C and kill the process. Now to start RADIUS daemon in normal mode type in following command.

sudo /etc/init.d/freeradius start

Command prompt will return immediately. To check whether daemon is running type in following command

ps -e | grep freeradius

You should get output like this

5630 ? 00:00:00 freeradius

Well not getting it don't worry there is a small problem which is need to be fixed. When I checked the freeradius log situated in /var/log/freeradius/radius.log I found problem is because daemon is not able to read its pid file /var/run/radiusd/radiusd.pid. Now open the radiusd.conf file, normally it is found in /etc/raddb/ folder but in Ubuntu its placed under /etc/freeradius/ folder.  Find for following line.

run_dir = ${localstatedir}/run/radiusd/

change radiusd to freeradius. What actually happened here is freeradius daemon was trying to open radius.pid file in radiusd directory but the directory was renamed in Ubuntu as freeradius. Well now start the server as mentioned above and use grep in pipeline with ps -e to see whether it is running. You can also use radtest command to check this.

radtest test secret localhost 1812 testing123

You may get Access-Reject packet but it doesn't matter we just wanted to know whether daemon is runnig or not and we got our answer as it is running. In the above command test is user name secret is password for test. localhost I think you know what it means :) 1812 is the port number to which RADIUS daemon listens waiting for authentication packet. 1813 is the port at which it listens for accounting packet, more details on this in my next post. testing123 is a shared secret key between NAS and RADIUS you must change this to strong value.

Posted by: copyninja on Monday, 19 January 2009

blog comments powered by Disqus
Fork me on GitHub