Login or Register to Ask a Question and Join Our Community

Linux and UNIX Man Pages

Linux & Unix Commands - Search Man Pages

radiusconfig(8) [osx man page]

radiusconfig(8) 					    BSD System Manager's Manual 					   radiusconfig(8)

NAME

     radiusconfig -- tool to configure radiusd

SYNOPSIS

     radiusconfig command [command-options] [-q]

DESCRIPTION

     radiusconfig is a utility for configuring radiusd and its configuration files. It must be run by root.

USAGE

     -q 		   Suppress prompts.

   Queries
     -getconfig [RADIUS-DB-Directory]
     Returns configuration data from radiusd.conf and eap.conf in plist format.  Reads the configuration files from /etc/raddb unless RADIUS-DB-
     Directory is specified.

     -getconfigxml [RADIUS-DB-Directory]
     Returns configuration data from radiusd.conf and eap.conf in xml plist format.  Reads the configuration files from /etc/raddb unless RADIUS-
     DB-Directory is specified.

     -nascount
     Returns the number of RADIUS clients.

     -naslist [--with-status]
     Returns the list of RADIUS clients in plist format. If the --with-status option is used, an IMCP ping is sent to each client and the
     responses, or lack thereof, are included in the results.

     -naslistxml [--with-status]
     Returns the list of RADIUS clients in xml plist format. If the --with-status option is used, an IMCP ping is sent to each client and the
     responses, or lack thereof, are included in the results.

     -help
     Print usage information.

     -ver
     Displays version information.

   Setup
     ---capture-base-station base-station-IP primary-RADIUS-IP [secondary=IP] [wpa-key-timeout=minutes] [wait-for-restart]
     Pairs an Airport Base Station to a RADIUS server. The shared secret is set in the RADIUS client database and on the base station.

     -disable-tls
     Changes eap.conf to contain a commented-out TLS section.

     -enable-tls
     Changes eap.conf to contain an active TLS section.

     -installcerts private-key certificate [trusted-ca-list [yes | no [common-name]]]
     Changes eap.conf to contain an active TLS section and configures the certificates. The yes or no option specifies whether or not to check a
     certificate revocation list. The random file is replaced and the dh file is created if absent.

     -addclient nas-name shortname [type]
     Adds a client.

     -importclients xml-plist-file
     Imports a list of clients from a file.

     -removeclient nas-name [nas-name ...]
     Removes a client.

     -setconfig key value [key value ...]
     Sets parameters in the radiusd.conf and eap.conf files.

     -setgroup nas-name group-name
     Assigns an access control group for a specific client of the RADIUS server.

     -rotatelog [-n file-count] base-file
     Preserves file-count log files.

     -autorotatelog [on | off | status] [-n file-count]
     Configures a periodic task to rotate the radius logs on a daily basis.

     -getssid host
     Queries the base station at the host address for its WiFi network name (SSID).

     -start
     Tells launchd to keep RADIUS running.

     -stop
     Disables RADIUS in launchd.

FILES

     /usr/sbin/radiusconfig
     /etc/raddb/eap.conf
     /etc/raddb/radiusd.conf

SEE ALSO

     radiusd(8)

MacOSX								   June 2, 2019 							    MacOSX

Check Out this Related Man Page

RADTEST(1)							 FreeRADIUS Daemon							RADTEST(1)

NAME

       radtest - send packets to a RADIUS server, show reply

SYNOPSIS

       radtest [-d raddb_directory] [-t pap/chap/mschap] [-x ] [-4 ] [-6 ] user password radius-server nas-port-number secret [ppphint] [nasname]

DESCRIPTION

       radtest	is  a  frontend to radclient(1). It generates a list of attribute/value pairs based on the command line arguments, and feeds these
       into radclient. It's a fast and convenient way to test a radius server.

OPTIONS

       -d raddb_directory
	      The directory that contains the RADIUS dictionary files. Defaults to /etc/raddb.

       -t pap/chap/mschap/eap-md5
	      Choose the authentiction method to use.  e.g. "-t pap", "-t chap", "-t mschap", or "-t eap-md5",.  Defaults to "pap".  Using EAP-MD5
	      requires that the "radeapclient" program is installed.

       -x     Enables debugging output for the RADIUS client.

       -4     Use NAS-IP-Address for the NAS address (default)

       -6     Use NAS-IPv6-Address for the NAS address (default)

       user   Username to send.

       password
	      Password of the user.

       radius-server
	      Hostname or IP address of the radius server. Optionally, you may specify a port by appending :port

       nas-port-number
	      The  value  of  the NAS-Port attribute. Is an integer between 0 and 2^31, and it really doesn't matter what you put here. 10 will do
	      fine.

       secret The shared secret for this client.

       ppphint
	      If you put an integer > 0 here, radtest (or actually radclient) will add the attribute Framed-Protocol = PPP to the request packet.

       nasname
	      If present, this will be resolved to an IP address and added to the request packet as the NAS-IP-Address	attribute.  If	you  don't
	      specify it, the local hostname of the system will be used.

SEE ALSO

       radiusd(8), radclient(1).

AUTHOR

       Miquel van Smoorenburg, miquels@cistron.nl.

								   5 April 2010 							RADTEST(1)
Man Page