[RADIATOR] evaluation - Checkby syntax
Heikki Vatiainen
hvn at open.com.au
Wed Apr 18 07:06:27 CDT 2012
On 04/17/2012 03:45 PM, Robb Pfrank wrote:
Hello Robb,
> I have taken myself out of the "users" unix group and was still able to login, shouldnt this setup that was suggested deny my logon? At this point of testing all we want to have is a users logon ID and its group membership be verified before granting access to the networking equipment. What is missing here to match these two objects?
I think this is where it goes wrong:
Tue Apr 17 08:36:08 2012: DEBUG: getpwnam got robert,
$1$uu9QEzhD$KJIBODnLV0WNWlGmBosLG1, 10026, 10000, , , Robert Pfrank,
/home/robert, /bin/bash,
10000 is your primary group ID in /etc/passwd
So if you run 'id' it should show you are still a member in users. It's
also likely that all other real users have their primary group set to
users, so you may want to create or use another group for RADIUS
authentication purposes.
Thanks!
Heikki
> ###robert is not present in etc/group####
> users:x:10000:brian,john,jason,clint
>
>
> sec-l-adm02 radiator # cat /etc/radiator/users
> # users
> #DEFAULT Auth-Type = SystemAuthentication, Group = netadm
> #
> DEFAULT Auth-Type = SystemAuthentication, Group = users
>
>
> SIMPLE.CFG
> Foreground
> LogStdout
> LogDir .
> DbDir .
> # User a lower trace level in production systems:
> Trace 4
>
> AuthPort 1812
> AcctPort 1813
> <Client 10.2.120.150>
> Identifier NetworkEquipment
> Secret mysecret
> DupInterval 0
> </Client>
> <AuthBy SYSTEM>
> Identifier SystemAuthentication
> </AuthBy>
>
> <AuthBy FILE>
> Identifier GroupAuthentication
> Filename %D/users
> </AuthBy>
>
> <AuthBy INTERNAL>
> Identifier RejectAuthAcceptAcct
> AuthResult REJECT
> AcctResult ACCEPT
> </AuthBy>
>
> <Handler Client-Identifier = NetworkEquipment, Service-Type = NAS-Prompt-User>
> AuthByPolicy ContinueUntilReject
> AuthBy GroupAuthentication
> # AuthBy SystemAuthentication
> </Handler>
>
> <Handler>
> AuthBy RejectAuthAcceptAcct
> </Handler>
>
> <ServerHTTP>
> Port 8100
> DefaultPrivilegeLevel 15
> </ServerHTTP>
>
>
>
>
> Tue Apr 17 08:36:08 2012: DEBUG: Packet dump:
> *** Received from 10.2.120.150 port 44214 ....
> Code: Access-Request
> Identifier: 194
> Authentic: <171><226><236><178>$<236><18><156>>V<5>x<214><20><233>}
> Attributes:
> User-Name = "robert"
> User-Password = <132>_<219><191>{<248><11><180><197><220><198><187>C<7><14><177>
> NAS-Port-Id = "ttyS0"
> Service-Type = NAS-Prompt-User
> NAS-Port = 0
> NAS-IP-Address = 10.2.120.150
>
> Tue Apr 17 08:36:08 2012: DEBUG: Handling request with Handler 'Client-Identifier = NetworkEquipment, Service-Type = NAS-Prompt-User', Identifier ''
> Tue Apr 17 08:36:08 2012: DEBUG: Deleting session for robert, 10.2.120.150, 0
> Tue Apr 17 08:36:08 2012: DEBUG: Handling with Radius::AuthFILE: GroupAuthentication
> Tue Apr 17 08:36:08 2012: DEBUG: Radius::AuthFILE looks for match with robert [robert]
> Tue Apr 17 08:36:08 2012: DEBUG: Radius::AuthFILE REJECT: No such user: robert [robert]
> Tue Apr 17 08:36:08 2012: DEBUG: Radius::AuthFILE looks for match with DEFAULT [robert]
> Tue Apr 17 08:36:08 2012: DEBUG: Handling with Radius::AuthSYSTEM: SystemAuthentication
> Tue Apr 17 08:36:08 2012: DEBUG: getpwnam got robert, $1$uu9QEzhD$KJIBODnLV0WNWlGmBosLG1, 10026, 10000, , , Robert Pfrank, /home/robert, /bin/bash,
> Tue Apr 17 08:36:08 2012: DEBUG: Radius::AuthSYSTEM looks for match with robert [robert]
> Tue Apr 17 08:36:08 2012: DEBUG: Radius::AuthSYSTEM ACCEPT: : robert [robert]
> Tue Apr 17 08:36:08 2012: DEBUG: Radius::AuthFILE ACCEPT: : DEFAULT [robert]
> Tue Apr 17 08:36:08 2012: DEBUG: AuthBy FILE result: ACCEPT,
> Tue Apr 17 08:36:08 2012: DEBUG: Access accepted for robert
> Tue Apr 17 08:36:08 2012: DEBUG: Packet dump:
> *** Sending to 10.2.120.150 port 44214 ....
> Code: Access-Accept
> Identifier: 194
> Authentic: <183><18>5.qS|<217>E<17>S0<151><238><154><181>
> Attributes:
>
>
> Robb Pfrank
> Office +1 (312) 601-8647
> robb at headlandstech.com
>
>
>
> -----Original Message-----
> From: Hugh Irvine [mailto:hugh at open.com.au]
> Sent: Thursday, April 12, 2012 1:40 AM
> To: Robb Pfrank
> Cc: radiator at open.com.au List
> Subject: Re: [RADIATOR] evaluation - Checkby syntax
>
>
> Hello Robb -
>
> No this won't work.
>
> Handlers only do matches.
>
> AuthBy's do checks.
>
> regards
>
> Hugh
>
>
> On 12 Apr 2012, at 02:29, Robb Pfrank wrote:
>
>> Could I just add Group to the handler to require both the correct group, users, and the unix password from /etc/shadow to match? I tried this out and got the below message.
>>
>>
>> <Handler Client-Identifier = NetworkEquipment, Service-Type = NAS-Prompt-User, Group = users>
>> AuthByPolicy ContinueUntilReject
>> AuthBy GroupAuthentication
>> AuthBy SystemAuthentication
>> </Handler>
>>
>> sec-l-adm02 radiator # /usr/local/bin/radiusd -config_file simple.cfg
>> Wed Apr 11 12:23:39 2012: DEBUG: Creating StreamServer tcp port
>> 0.0.0.0:8100 Wed Apr 11 12:23:39 2012: DEBUG: Finished reading configuration file 'simple.cfg'
>> This Radiator license will expire on 2012-08-01 This Radiator license
>> will stop operating after 1000 requests To purchase an unlimited full
>> source version of Radiator, see http://www.open.com.au/ordering.html
>> To extend your license period, contact admin at open.com.au
>>
>> Wed Apr 11 12:23:39 2012: DEBUG: Reading dictionary file './dictionary'
>> Wed Apr 11 12:23:39 2012: DEBUG: Creating authentication port
>> 0.0.0.0:1812 Wed Apr 11 12:23:39 2012: DEBUG: Creating accounting port
>> 0.0.0.0:1813 Wed Apr 11 12:23:39 2012: NOTICE: Server started:
>> Radiator 4.9 on sec-l-adm02 (LOCKED) Wed Apr 11 12:23:48 2012: DEBUG: Packet dump:
>> *** Received from 10.2.120.150 port 46200 ....
>> Code: Access-Request
>> Identifier: 252
>> Authentic: p@<235><239><188><242><222><135>)|Q<213>hz<168><250>
>> Attributes:
>> User-Name = "robert"
>> User-Password = d<225><215>YU<149><174>V<160><3><246>wI><142>F
>> NAS-Port-Id = "ttyS0"
>> Service-Type = NAS-Prompt-User
>> NAS-Port = 0
>> NAS-IP-Address = 10.2.120.150
>>
>> Can't locate object method "userIsInGroup" via package "Radius::Handler" at /usr/local/lib/perl5/site_perl/5.10.0/Radius/AuthGeneric.pm line 1707.
>> ...caught at /usr/local/bin/radiusd line 5.
>>
>>
>> Robb Pfrank
>> Office +1 (312) 601-8647
>> robb at headlandstech.com
>>
>>
>>
>> -----Original Message-----
>> From: Hugh Irvine [mailto:hugh at open.com.au]
>> Sent: Thursday, April 05, 2012 6:58 PM
>> To: Robb Pfrank
>> Cc: radiator at open.com.au List
>> Subject: Re: [RADIATOR] evaluation - Checkby syntax
>>
>>
>> Hello Robb -
>>
>> As Heikki rightly says, you will need to alter the Handler definition to match what is actually in the incoming request.
>>
>> It is always essential to study the contents of the incoming requests with a trace 4 debug so you can see exactly what is happening.
>>
>> My example was just that - an example showing how I tend to structure Radiator configuration files.
>>
>> regards
>>
>> Hugh
>>
>>
>> On 6 Apr 2012, at 02:46, Heikki Vatiainen wrote:
>>
>>> On 04/05/2012 04:12 PM, Robb Pfrank wrote:
>>>
>>> Hello Robb,
>>>
>>>> I attempted to use the config provided but the handler is not picking my device up. I have specified to specific IP address instead of DEFAULT, this did not seem to work either.
>>>
>>> Try this:
>>> <Handler Client-Identifier = NetworkEquipment, Service-Type =
>>> NAS-Prompt-User>
>>>
>>> instead of this:
>>>
>>> <Handler Client-Identifier = NetworkEquipment, Service-Type =
>>> Login-User>
>>>
>>> Now it fails to match the Handler because Service-Type is different
>>> in the request than in the Handler's checklist.
>>>
>>> Heikki
>>>
>>>
>>>> Thu Apr 5 09:09:57 2012: DEBUG: Creating StreamServer tcp port
>>>> 0.0.0.0:8100 Thu Apr 5 09:09:57 2012: DEBUG: Finished reading configuration file 'simple.cfg'
>>>> This Radiator license will expire on 2012-08-01 This Radiator
>>>> license will stop operating after 1000 requests To purchase an
>>>> unlimited full source version of Radiator, see
>>>> http://www.open.com.au/ordering.html
>>>> To extend your license period, contact admin at open.com.au
>>>>
>>>> Thu Apr 5 09:09:57 2012: DEBUG: Reading dictionary file './dictionary'
>>>> Thu Apr 5 09:09:57 2012: DEBUG: Creating authentication port
>>>> 0.0.0.0:1812 Thu Apr 5 09:09:57 2012: DEBUG: Creating accounting
>>>> port 0.0.0.0:1813 Thu Apr 5 09:09:57 2012: NOTICE: Server started:
>>>> Radiator 4.9 on sec-l-adm02 (LOCKED) Thu Apr 5 09:10:31 2012: DEBUG: Packet dump:
>>>> *** Received from 10.2.120.150 port 36248 ....
>>>> Code: Access-Request
>>>> Identifier: 185
>>>> Authentic: M<18>A(<17>_H<194>B<159><196>?<247>,ag
>>>> Attributes:
>>>> User-Name = "robert"
>>>> User-Password = "<210>J<242>Q<241>c^O<30><185>sm2<194><253>
>>>> NAS-Port-Id = "ttyS0"
>>>> Service-Type = NAS-Prompt-User
>>>> NAS-Port = 0
>>>> NAS-IP-Address = 10.2.120.150
>>>>
>>>> Thu Apr 5 09:10:31 2012: DEBUG: Handling request with Handler '', Identifier ''
>>>> Thu Apr 5 09:10:31 2012: DEBUG: Deleting session for robert,
>>>> 10.2.120.150, 0 Thu Apr 5 09:10:31 2012: DEBUG: Handling with
>>>> AuthINTERNAL: RejectAuthAcceptAcct Thu Apr 5 09:10:31 2012: DEBUG:
>>>> AuthBy INTERNAL result: REJECT, Fixed by AuthResult Thu Apr 5
>>>> 09:10:31 2012: INFO: Access rejected for robert: Fixed by AuthResult Thu Apr 5 09:10:31 2012: DEBUG: Packet dump:
>>>> *** Sending to 10.2.120.150 port 36248 ....
>>>> Code: Access-Reject
>>>> Identifier: 185
>>>> Authentic: g<182>'A/jRt]5<30><240><160><27>O<170>
>>>> Attributes:
>>>> Reply-Message = "Request Denied"
>>>>
>>>>
>>>>
>>>>
>>>> <Client 10.2.120.150>
>>>> Identifier NetworkEquipment
>>>> Secret mysecret
>>>> DupInterval 0
>>>> </Client>
>>>>
>>>>
>>>> <AuthBy SYSTEM>
>>>> Identifier SystemAuthentication </AuthBy>
>>>>
>>>> <AuthBy FILE>
>>>> Identifier GroupAuthentication
>>>> Filename %D/users
>>>> </AuthBy>
>>>>
>>>> <AuthBy INTERNAL>
>>>> Identifier RejectAuthAcceptAcct
>>>> AuthResult REJECT
>>>> AcctResult ACCEPT
>>>> </AuthBy>
>>>>
>>>> <Handler Client-Identifier = NetworkEquipment, Service-Type = Login-User>
>>>> AuthByPolicy ContinueWhileAccept
>>>> AuthBy GroupAuthentication
>>>> AuthBy SystemAuthentication
>>>> </Handler>
>>>>
>>>> <Handler>
>>>> AuthBy RejectAuthAcceptAcct
>>>> </Handler>
>>>>
>>>> <ServerHTTP>
>>>> Port 8100
>>>> DefaultPrivilegeLevel 15
>>>> </ServerHTTP>
>>>>
>>>> Robb Pfrank
>>>> Office +1 (312) 601-8647
>>>> robb at headlandstech.com
>>>>
>>>>
>>>>
>>>> -----Original Message-----
>>>> From: Hugh Irvine [mailto:hugh at open.com.au]
>>>> Sent: Tuesday, April 03, 2012 7:24 PM
>>>> To: Robb Pfrank
>>>> Cc: radiator at open.com.au
>>>> Subject: Re: [RADIATOR] evaluation - Checkby syntax
>>>>
>>>>
>>>> Hello Robb -
>>>>
>>>> You would do something like the following:
>>>>
>>>>
>>>> SIMPLE.CFG
>>>>
>>>> Foreground
>>>> LogStdout
>>>> LogDir .
>>>> DbDir .
>>>> # User a lower trace level in production systems:
>>>> Trace 4
>>>>
>>>> AuthPort 1645,1812
>>>> AcctPort 1646,1813
>>>>
>>>> # You will probably want to add other Clients to suit your site, #
>>>> one for each NAS you want to work with
>>>>
>>>> <Client 1.1.1.1>
>>>> Identifier NetworkEquipment
>>>> Secret mysecret
>>>> DupInterval 0
>>>> </Client>
>>>>
>>>> <Client 2.2.2.2>
>>>> Identifier NetworkEquipment
>>>> Secret mysecret
>>>> DupInterval 0
>>>> </Client>
>>>>
>>>> <Client 3.3.3.3>
>>>> Identifier NetworkEquipment
>>>> Secret mysecret
>>>> DupInterval 0
>>>> </Client>
>>>>
>>>> ......
>>>>
>>>> <AuthBy SYSTEM>
>>>> Identifier SystemAuthentication
>>>> </AuthBy>
>>>>
>>>> <AuthBy FILE>
>>>> Identifier GroupAuthentication
>>>> Filename %D/users.group
>>>> </AuthBy>
>>>>
>>>> <AuthBy INTERNAL>
>>>> Identifier RejectAuthAcceptAcct
>>>> AuthResult REJECT
>>>> AcctResult ACCEPT
>>>> </AuthBy>
>>>>
>>>> <Handler Client-Identifier = NetworkEquipment, Service-Type = Login-User>
>>>> AuthByPolicy ContnueWhileAccept
>>>> AuthBy GroupAuthentication
>>>> AuthBy SystemAuthentication
>>>> </Handler>
>>>>
>>>> <Handler>
>>>> AuthBy RejectAuthAcceptAcct
>>>> </Handler>
>>>>
>>>>
>>>> The contents of the file "users.group" would look like this:
>>>>
>>>> # users.group
>>>>
>>>> DEFAULT Auth-Type = SystemAuthentication, Group = netadm
>>>>
>>>>
>>>> BTW - there are a great many example configuration files in the "goodies" directory of the Radiator distribution.
>>>>
>>>> Hope that helps.
>>>>
>>>> regards
>>>>
>>>> Hugh
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> On 4 Apr 2012, at 05:30, Robb Pfrank wrote:
>>>>
>>>>> I am evaluating radiator and would like to setup authentication using linux username & passwords as well as another type of check to allow access.. For instance check if the user is part of a particular group before having their login accepted. Specifically I want to limit networking equipment access to users in the netadm group, I am running this on fedora 12. Below is my simple.cfg for testing, everything else works fine but I am having trouble interpreting the documentation for tiered authentication. Thank you for your assistance.
>>>>>
>>>>>
>>>>>
>>>>> SIMPLE.CFG
>>>>>
>>>>> Foreground
>>>>> LogStdout
>>>>> LogDir .
>>>>> DbDir .
>>>>> # User a lower trace level in production systems:
>>>>> Trace 4
>>>>>
>>>>> AuthPort 1645,1812
>>>>> AcctPort 1646,1813
>>>>>
>>>>> # You will probably want to add other Clients to suit your site, #
>>>>> one for each NAS you want to work with <Client>
>>>>> Secret mysecret
>>>>> DupInterval 0
>>>>> </Client>
>>>>>
>>>>> <Client DEFAULT>
>>>>> Secret mysecret
>>>>> </Client>
>>>>>
>>>>> <Realm>
>>>>> <AuthBy UNIX>
>>>>> Identifier System
>>>>> Filename /etc/shadow
>>>>> #Filename /etc/passwd
>>>>> GroupFilename /etc/group
>>>>> # Log accounting to a detail file
>>>>> AcctLogFileName /etc/radiator/radiator.log
>>>>> <ServerHTTP>
>>>>> Port 8100
>>>>> DefaultPrivilegeLevel 15
>>>>> </ServerHTTP>
>>>>> </Realm>
>>>>>
>>>>>
>>>>> Current output checking Linux /etc/passwd file, need to add group or some other type of identifier mechanism to the check.
>>>>>
>>>>> Tue Apr 3 15:28:12 2012: ERR: Could not resolve an address for
>>>>> Client Tue Apr 3 15:28:12 2012: ERR: Unknown keyword
>>>>> 'AcctLogFileName' in simple.cfg line 65 Tue Apr 3 15:28:13 2012:
>>>>> DEBUG: Creating StreamServer tcp port 0.0.0.0:8100 Tue Apr 3 15:28:13 2012: DEBUG: Finished reading configuration file 'simple.cfg'
>>>>> This Radiator license will expire on 2012-08-01 This Radiator
>>>>> license will stop operating after 1000 requests To purchase an
>>>>> unlimited full source version of Radiator, see
>>>>> http://www.open.com.au/ordering.html
>>>>> To extend your license period, contact admin at open.com.au Tue Apr 3
>>>>> 15:28:13 2012: DEBUG: Reading dictionary file './dictionary'
>>>>> Tue Apr 3 15:28:13 2012: DEBUG: Creating authentication port
>>>>> 0.0.0.0:1645 Tue Apr 3 15:28:13 2012: DEBUG: Creating
>>>>> authentication port 0.0.0.0:1812 Tue Apr 3 15:28:13 2012: DEBUG:
>>>>> Creating accounting port 0.0.0.0:1646 Tue Apr 3 15:28:13 2012:
>>>>> DEBUG: Creating accounting port 0.0.0.0:1813 Tue Apr 3 15:28:13 2012: NOTICE: Server started:
>>>>> Radiator 4..9 on sec-l-adm02 (LOCKED) Tue Apr 3 15:28:34 2012: DEBUG: Packet dump:
>>>>> *** Received from 10.2.120.150 port 56193 ....
>>>>> Code: Access-Request
>>>>> Identifier: 64
>>>>> Authentic:
>>>>> <131><19><159><26><141><164><247><161>`<143><202>G<202>mA<186>
>>>>> Attributes:
>>>>> User-Name = "robert"
>>>>> User-Password = <226>D4<133>#y<153>=<251><186>r<136><14><8><143><147>
>>>>> NAS-Port-Id = "ttyS0"
>>>>> Service-Type = NAS-Prompt-User
>>>>> NAS-Port = 0
>>>>> NAS-IP-Address = 10.2.120.150 Tue Apr 3 15:28:34 2012:
>>>>> DEBUG: Handling request with Handler 'Realm=', Identifier ''
>>>>> Tue Apr 3 15:28:34 2012: DEBUG: Deleting session for robert,
>>>>> 10.2.120.150, 0 Tue Apr 3 15:28:34 2012: DEBUG: Handling with
>>>>> Radius::AuthUNIX: System Tue Apr 3 15:28:34 2012: DEBUG: Reading
>>>>> group file /etc/group Tue Apr 3 15:28:34 2012: DEBUG:
>>>>> Radius::AuthUNIX looks for match with robert [robert] Tue Apr 3
>>>>> 15:28:34 2012: DEBUG: Radius::AuthUNIX ACCEPT: : robert [robert]
>>>>> Tue Apr 3 15:28:34 2012: DEBUG: AuthBy UNIX result: ACCEPT, Tue
>>>>> Apr 3
>>>>> 15:28:34 2012: DEBUG: Access accepted for robert Tue Apr 3 15:28:34 2012: DEBUG: Packet dump:
>>>>> *** Sending to 10.2.120.150 port 56193 ....
>>>>> Code: Access-Accept
>>>>> Identifier: 64
>>>>> Authentic: k<206><151><250>5<246>p=<23><141>.<197><167><244>Un
>>>>> Attributes:
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> Robb Pfrank
>>>>> Office +1 (312) 601-8647
>>>>> robb at headlandstech.com
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> The contents of this message (including any attachment(s)) may be
>>>>> privileged and confidential and is intended solely for the private
>>>>> use of the intended recipient(s). If you are not the intended
>>>>> recipient or have received this message in error, please notify the
>>>>> sender immediately and delete the message. You should not
>>>>> disseminate, distribute or copy this message without the permission of the author. This message cannot in any way bind Headlands Technologies LLC or any affiliate to any contract or other obligation.
>>>>>
>>>>> _______________________________________________
>>>>> radiator mailing list
>>>>> radiator at open.com.au
>>>>> http://www.open.com.au/mailman/listinfo/radiator
>>>>
>>>>
>>>> --
>>>>
>>>> Hugh Irvine
>>>> hugh at open.com.au
>>>>
>>>> Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP, DIAMETER etc.
>>>> Full source on Unix, Windows, MacOSX, Solaris, VMS, NetWare etc.
>>>>
>>>>
>>>>
>>>>
>>>> The contents of this message (including any attachment(s)) may be privileged and confidential and is intended solely for the private use of the intended recipient(s). If you are not the intended recipient or have received this message in error, please notify the sender immediately and delete the message. You should not disseminate, distribute or copy this message without the permission of the author. This message cannot in any way bind Headlands Technologies LLC or any affiliate to any contract or other obligation.
>>>>
>>>> _______________________________________________
>>>> radiator mailing list
>>>> radiator at open.com.au
>>>> http://www.open.com.au/mailman/listinfo/radiator
>>>
>>>
>>> --
>>> Heikki Vatiainen <hvn at open.com.au>
>>>
>>> Radiator: the most portable, flexible and configurable RADIUS server
>>> anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
>>> Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP,
>>> TLS, TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
>>> DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS,
>>> NetWare etc.
>>> _______________________________________________
>>> radiator mailing list
>>> radiator at open.com.au
>>> http://www.open.com.au/mailman/listinfo/radiator
>>
>>
>> --
>>
>> Hugh Irvine
>> hugh at open.com.au
>>
>> Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP, DIAMETER etc.
>> Full source on Unix, Windows, MacOSX, Solaris, VMS, NetWare etc.
>>
>>
>>
>>
>> The contents of this message (including any attachment(s)) may be privileged and confidential and is intended solely for the private use of the intended recipient(s). If you are not the intended recipient or have received this message in error, please notify the sender immediately and delete the message. You should not disseminate, distribute or copy this message without the permission of the author. This message cannot in any way bind Headlands Technologies LLC or any affiliate to any contract or other obligation.
>>
>
>
> --
>
> Hugh Irvine
> hugh at open.com.au
>
> Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP, DIAMETER etc.
> Full source on Unix, Windows, MacOSX, Solaris, VMS, NetWare etc.
>
>
>
>
> The contents of this message (including any attachment(s)) may be privileged and confidential and is intended solely for the private use of the intended recipient(s). If you are not the intended recipient or have received this message in error, please notify the sender immediately and delete the message. You should not disseminate, distribute or copy this message without the permission of the author. This message cannot in any way bind Headlands Technologies LLC or any affiliate to any contract or other obligation.
>
> _______________________________________________
> radiator mailing list
> radiator at open.com.au
> http://www.open.com.au/mailman/listinfo/radiator
--
Heikki Vatiainen <hvn at open.com.au>
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS,
NetWare etc.
More information about the radiator
mailing list