Login or Register to Ask a Question and Join Our Community

Linux and UNIX Man Pages

Linux & Unix Commands - Search Man Pages

pam_radius(8) [freebsd man page]

PAM_RADIUS(8)						    BSD System Manager's Manual 					     PAM_RADIUS(8)

NAME

     pam_radius -- RADIUS authentication PAM module

SYNOPSIS

     [service-name] module-type control-flag pam_radius [options]

DESCRIPTION

     The pam_radius module provides authentication services based upon the RADIUS (Remote Authentication Dial In User Service) protocol for the
     PAM (Pluggable Authentication Module) framework.

     The pam_radius module accepts these optional parameters:

     use_first_pass
		 causes pam_radius to use a previously entered password instead of prompting for a new one.  If no password has been entered then
		 authentication fails.

     try_first_pass
		 causes pam_radius to use a previously entered password, if one is available.  If no password has been entered, pam_radius prompts
		 for one as usual.

     echo_pass	 causes echoing to be left on if pam_radius prompts for a password.

     conf=pathname
		 specifies a non-standard location for the RADIUS client configuration file (normally located in /etc/radius.conf).

     nas_id=identifier
		 specifies a NAS identifier to send instead of the hostname.

     template_user=username
		 specifies a user whose passwd(5) entry will be used as a template to create the session environment if the supplied username does
		 not exist in local password database.	The user will be authenticated with the supplied username and password, but his creden-
		 tials to the system will be presented as the ones for username, i.e., his login class, home directory, resource limits, etc. will
		 be set to ones defined for username.

		 If this option is omitted, and there is no username in the system databases equal to the supplied one (as determined by call to
		 getpwnam(3)), the authentication will fail.

     nas_ipaddr[=address]
		 specifies a NAS IP address to be sent.  If option is present, but there is no value provided then IP address corresponding to the
		 current hostname will be used.

FILES

     /etc/radius.conf  The standard RADIUS client configuration file for pam_radius

SEE ALSO

     passwd(5), radius.conf(5), pam(8)

HISTORY

     The pam_radius module first appeared in FreeBSD 3.1.  The pam_radius manual page first appeared in FreeBSD 3.3.

AUTHORS

     The pam_radius manual page was written by Andrzej Bialecki <abial@FreeBSD.org>.

     The pam_radius module was written by John D. Polstra <jdp@FreeBSD.org>.

BSD
								 October 28, 2002							       BSD

Check Out this Related Man Page

RADIUS(8)						    InterNetNews Documentation							 RADIUS(8)

NAME

       radius - nnrpd RADIUS password authenticator

SYNOPSIS

       radius [-h] [-f config]

DESCRIPTION

       radius is an nnrpd authenticator, accepting a username and password from nnrpd (given to nnrpd by a reader connection) and attempting to
       authenticate that username and password against a RADIUS server.  See readers.conf(5) for more information on how to configure an nnrpd
       authenticator.  It is useful for a site that already does user authentication via RADIUS and wants to authenticate news reading connections
       as well.

       By default, radius reads pathetc/radius.conf for configuration information, but a different configuration file can be specified with -f.
       See radius.conf(5) for a description of the configuration file.

OPTIONS

       -f config
	   Read config instead of pathetc/radius.conf for configuration information.

       -h  Print out a usage message and exit.

EXAMPLE

       The following readers.conf(5) fragment tells nnrpd to authenticate all connections using this authenticator:

	   auth radius {
	       auth: radius
	       default: <FAIL>
	       default-domain: example.com
	   }

       "@example.com" will be appended to the user-supplied identity, and if RADIUS authentication failes, the user will be assigned an identity
       of "<FAIL>@example.com".

BUGS

       It has been reported that this authenticator doesn't work with Ascend RADIUS servers, but does work with Cistron RADIUS servers.  It's also
       believed to work with Livingston's RADIUS server.  Contributions to make it work better with different types of RADIUS servers would be
       gratefully accepted.

       This code has not been audited against the RADIUS protocol and may not implement it correctly.

HISTORY

       The RADIUS authenticator was originally written by Aidan Cully.	This documentation was written by Russ Allbery <rra@stanford.edu>.

       $Id: radius.pod 7664 2007-09-02 12:58:07Z iulius $

SEE ALSO

       nnrpd(8), radius.conf(5), readers.conf(5)

       RFC 2865, Remote Authentication Dial In User Service.

INN 2.5.2							    2009-05-21								 RADIUS(8)
Man Page