*BSD News Article 62994


Return to BSD News archive

Path: euryale.cc.adfa.oz.au!newshost.anu.edu.au!newshost.telstra.net!act.news.telstra.net!psgrain!charnel.ecst.csuchico.edu!csusac!csus.edu!csulb.edu!newshub.csu.net!usc!math.ohio-state.edu!howland.reston.ans.net!newsfeed.internetmci.com!cdc2.cdc.net!news
From: craigt@cdc.net (Craig Thompson)
Newsgroups: comp.unix.bsd.bsdi.misc
Subject: RADIUS help needed
Date: 5 Mar 1996 03:33:36 GMT
Organization: The Missions Helpline
Lines: 41
Message-ID: <4hgcmg$8nu@cdc2.cdc.net>
NNTP-Posting-Host: pm01-18.cdc.net
Mime-Version: 1.0
Content-Type: Text/Plain; charset=ISO-8859-1

I have gotten radius-1.16.tar.gz from Livingston.  I also have gotten 
the MERIT radius.  I can't seem to get either one of them to work 
properly.

The Livingston version -- which looks simpler -- has very little in the 
way of documentation with it.  The scenario is this:  we only want 
people to have PPP/SLIP accounts--no shell login accounts.  Also, we 
are not using Portmasters, but another brand of terminal server that 
supports RADIUS, PAP, CHAP, etc., etc.

I followed the steps in the INSTALL file, but need to know specifically 
the following:

1) how do I get radiusd to look at master.passwd instead of passwd?  
does this involve changing radiusd.c or something else?  If so, what 
specifically needs to be changed.

2) do I *still* need to create a user in the /etc/raddb/users file for 
every single user on my system, or is there some way that a user's name 
can be validated just from the master.passwd file like the password 
itself.  

3) Since we don't want to allow shell accounts, is there some way we 
could just point to a default setting?

4) Also, any documentation or step-by-step that anyone has written out 
would be greatly appreciated.  I've searched the BSDI archives and come 
up with very little so far in the way of practical pointers.

5) Finally, if the terminal servers do not support the RADIUS 
accounting protocol, does anyone have any pointers to a good program, 
script, etc. that will read the SYSLOG info and give account summaries 
by user?

ps - if you happen to read this and want to respond with "use the MERIT 
version," please still try to give some pointers to the questions.

THANKS!

Craig Thompson