Chinaunix首页 | 论坛 | 博客
  • 博客访问: 24986
  • 博文数量: 12
  • 博客积分: 0
  • 博客等级: 民兵
  • 技术积分: 14
  • 用 户 组: 普通用户
  • 注册时间: 2014-09-04 09:34
文章分类
文章存档

2014年(12)

我的朋友

分类: LINUX

2014-09-16 16:09:36

Linux RadHat 企业版 5.0 + freeradius-client-1.1.6 + freeradius-server-2.1.10
 
文件: freeradius-client-1.1.6.tar.bz2
大小: 290KB
下载: 下载
文件: freeradius-server-2.1.10.tar.bz2
大小: 2485KB
下载: 下载
 
 
freeradius-client-1.1.6 安装
 
(1)安装非常简单,和普通软件相同都是下面三步:
 

./configure                       

make
make install

 
(2)编译后生成的可执行程序
 

/usr/local/sbin/
|-- sbin
   |-- radacct                          发送计费包
   |-- radembedded                      生成配置文件
   |-- radexample                       发送鉴权包
   |-- radiusclient                     发送鉴权包
   |-- radlogin                         发送鉴权包
   `-- radstatus                        查看服务器状态


 
(3)配置文件目录
 

/usr/local/etc/radiusclient
|-- radiusclient
    |-- dictionary                        属性字典
    |-- dictionary.ascend
    |-- dictionary.compat
    |-- dictionary.merit
    |-- dictionary.sip
    |-- issue
    |-- port-id-map
    |-- radiusclient.conf                 客户端的配置文件
    `-- servers                           服务器配置文件

 
freeradius-client-1.1.6 配置
 
(1)/usr/local/etc/radiusclient/radiusclient.conf

#鉴权顺序
auth_order    radius,local

#login 登陆次数
login_tries     1

#超时时间,单位:秒
login_timeout 5    

nologin /etc/nologin

issue    /usr/local/etc/radiusclient/issue

#鉴权服务器IP或name,也可以加上端口、共享口令,例:localhost:1812:testing
authserver     localhost

#计费服务器IP或name
acctserver     localhost

服务器共享口令文件路径
servers        /usr/local/etc/radiusclient/servers

dictionary     /usr/local/etc/radiusclient/dictionary

login_radius    /usr/local/sbin/login.radius

seqfile        /var/run/radius.seq

mapfile        /usr/local/etc/radiusclient/port-id-map

#默认域名
default_realm

#radius 登陆超时时间,单位:秒
radius_timeout    5

#radius 登陆次数
radius_retries    1

radius_deadtime    0

bindaddr *
#本地登陆 程序
login_local    /bin/login


(2)/usr/local/etc/radiusclient/servers
 

localhost testing123

 


freeradius-server-2.1.10 简单安装和配置(为测试client)

(1)安装

./configure
make
make install

(2)/usr/local/etc/raddb/user  (用户名:jj  口令:jj)

 jj Cleartext-Password := "jj"
  Service-Type = Framed-User,
  Framed-Protocol = PPP,
  Framed-IP-Address = 192.168.2.179,
  Framed-IP-Netmask = 255.255.255.0,
  Framed-Routing = Broadcast-Listen,
  Framed-Filter-Id = "std.ppp",
  Framed-MTU = 1500,
  Framed-Compression = Van-Jacobsen-TCP-IP

(3)/usr/local/etc/raddb/clients.conf

 client localhost {

#共享口令
 secret = testing123
 shortname = private-network
 }


测试结果:

运行radius服务器
[root@localhost freeradius-client-1.1.6]# radiusd -X
测试客户端
[root@localhost freeradius-client-1.1.6]# radlogin
($Id: radlogin.c,v 1.9 2008/01/09 07:04:18 sobomax Exp $)
-----------------------------------------------------
Linux 2.6.18-164.el5 (localhost.localdomain) (port 0)
-----------------------------------------------------

login: jj
Password:
RADIUS: Authentication OK
This is the dummy login.radius script. If you want that this script
does something useful you'll have to replace it.

The following RADIUS environment variables are set:
RADIUS_FILTER_ID=std.ppp
RADIUS_FRAMED_COMPRESSION=Van-Jacobson-TCP-IP
RADIUS_FRAMED_IP_ADDRESS=192.168.2.179
RADIUS_FRAMED_IP_NETMASK=255.255.255.0
RADIUS_FRAMED_MTU=1500
RADIUS_FRAMED_PROTOCOL=PPP
RADIUS_FRAMED_ROUTING=Broadcast-Listen
RADIUS_SERVICE_TYPE=Framed-User
RADIUS_USER_NAME=jj

Bye, bye.

[root@localhost freeradius-client-1.1.6]# radexample
login: jj
Password:
"jj" RADIUS Authentication OK

[root@localhost freeradius-client-1.1.6]# radacct(回车)
User-Name=jj
Password=jj
Acct-Status-Type=7  (按Ctrl+D)
RADIUS accounting OK


阅读(1172) | 评论(0) | 转发(0) |
给主人留下些什么吧!~~