Configure MySQL
Set the MySQL service to start on boot:

    [root@localhost ~]# chkconfig mysqld on

Start the MySQL service:

    [root@localhost ~]# service mysqld start

Log into MySQL:

    [root@localhost ~]# mysql -u root

Set the root user password for all local domains:

    SET PASSWORD FOR 'root'@'localhost' = PASSWORD('new-password');
    SET PASSWORD FOR 'root'@'localhost.localdomain' = PASSWORD('new-password');
    SET PASSWORD FOR 'root'@'127.0.0.1' = PASSWORD('new-password');

Drop the Any user:

    DROP USER ''@'localhost';
    DROP USER ''@'localhost.localdomain';

Exit MySQL:

    exit

Install FreeRADIUS

    [root@localhost ~]# yum -y install freeradius freeradius-mysql

    password = "myradiussecret"
    # Database table configuration
    radius_db = "radius"

Don't edit anything except server, login, password and database unless you know what you're doing.

Uncomment readclients in the file sql.conf:

    # Set to 'yes' to read radius clients from the database ('nas' table)
    readclients = yes

Next, edit the clients.conf file to set the radius secret key:

    [root@localhost raddb]# vi clients.conf

Set the following parameter for the secret key:

    secret = "myradiussecret"

Finally, edit the radiusd.conf config file. Uncomment the following line in radiusd.conf by removing the "#":

    $INCLUDE ${confdir}/sql.conf

In the same file, look for "accounting {", "authorize {" and "session {", then remove the "#" (comment) from "sql" in each. If we are not using the local users file to look up the radius users, comment out the files line (change files to #files) in the authorize section.

In the authorize section:

    authorize {
    # Read the 'users' file
    # files
    #
    # Look in an SQL database. The schema of the database
    # is meant to mirror the "users" file.
    #
    # See "Authorization Queries" in sql.conf
    sql

In the accounting section:

    accounting {
    # See "Accounting queries" in sql.conf
    sql

In the session section:

    session {
    # See "Simultaneous Use Checking Queries" in sql.conf
    sql

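Before restarting the server, the radiusd.conf edits above can be checked mechanically. The script below is an added example, not part of the original guide; the function name check_radiusd_conf and the sample file are constructed for illustration, and the path to the real radiusd.conf is passed as the first argument.

```shell
#!/bin/sh
# check_radiusd_conf FILE: print one line per missing edit; exit status 0 if none.
check_radiusd_conf() {
    awk '
        # Drop comments and surrounding whitespace so "#sql" never counts as active.
        { line = $0; sub(/#.*/, "", line); gsub(/^[ \t]+|[ \t]+$/, "", line) }
        line == "" { next }
        # An active $INCLUDE of sql.conf.
        line ~ /^[$]INCLUDE[ \t]/ && index(line, "${confdir}/sql.conf") { include = 1 }
        # Entering one of the three sections the page edits.
        depth == 0 && line ~ /^(authorize|accounting|session)[ \t]*[{]$/ {
            section = line; sub(/[ \t]*[{]$/, "", section); depth = 1; next
        }
        # Inside a tracked section: follow nested braces, note a bare "sql" line.
        depth > 0 {
            if (line ~ /[{]$/) depth++
            else if (line == "}") depth--
            else if (depth == 1 && line == "sql") seen[section] = 1
        }
        END {
            bad = 0
            if (!include) { print "sql.conf is not included"; bad = 1 }
            n = split("authorize accounting session", want, " ")
            for (i = 1; i <= n; i++)
                if (!seen[want[i]]) { print "sql not enabled in " want[i]; bad = 1 }
            exit bad
        }
    ' "$1"
}

# Constructed sample (not a real server file): sql left commented out in session.
sample=$(mktemp)
cat > "$sample" <<'EOF'
$INCLUDE ${confdir}/sql.conf
authorize {
#   files
    sql
}
accounting {
    sql
}
session {
#   sql
}
EOF
check_radiusd_conf "${1:-$sample}" || echo "radiusd.conf still needs editing"
rm -f "$sample"
```
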
Now test the radius server for authentication. Create one account in the radius database: log in to MySQL, select the radius database, then add username = test and password = password.

    mysql> INSERT INTO radcheck (UserName, Attribute, Value) VALUES ('test', 'Password', 'password');
    mysql> INSERT INTO radcheck (UserName, Attribute, Value) VALUES ('test', 'Auth-Type', 'Local');

Next, test our user with radtest:

    [root@host raddb]# radtest test password localhost 1812 myradiussecret

If successful, the output will be:

    rad_recv: Access-Accept packet from host 127.0.0.1:1812, id=31, length=20