1\input texinfo @c -*-texinfo-*- 2@smallbook 3@c %**start of header 4@setfilename radius.info 5@settitle GNU radius 6@c %**end of header 7@setchapternewpage odd 8 9@c Define new indices 10@c at -- Attribute index 11@defcodeindex at 12@c kw -- Keyword index 13@defcodeindex kw 14@c ex -- Example index 15@defindex ex 16 17@c Combine everything into one 18@syncodeindex at cp 19@syncodeindex kw cp 20@syncodeindex ex cp 21@syncodeindex fn cp 22@syncodeindex pg cp 23 24@include version.texi 25@include config.texi 26@include rendition.texi 27@settitle GNU Radius Reference Manual 28 29@copying 30This manual documents GNU Radius (version @value{VERSION}, @value{UPDATED}). 31 32@multitable @columnfractions .50 .50 33@item Published by: @tab 34@item @tab 35@item GNU Press @tab Website: www.gnupress.org 36@item a division of the @tab General: press@@gnu.org 37@item Free Software Foundation @tab Orders: sales@@gnu.org 38@item 51 Franklin Street, Fifth Floor @tab Tel: 617-542-5942 39@item Boston, MA 02110-1301 USA @tab Fax: 617-542-2652 40@end multitable 41@sp 2 42Copyright @copyright{} 1999, 2000, 2001, 2002, 2003 Free Software 43Foundation 44@sp 1 45@quotation 46Permission is granted to copy, distribute and/or modify this document 47under the terms of the GNU Free Documentation License, Version 1.2 or 48any later version published by the Free Software Foundation; with no 49Invariant Sections, with the Front-Cover texts being ``A GNU Manual'', 50and with the Back-Cover Texts as in (a) below. A copy of the license 51is included in the section entitled ``GNU Free Documentation License''. 52 53(a) The FSF's Back-Cover Text is: ``You have freedom to copy and modify 54this GNU Manual, like GNU software. Copies published by the Free 55Software Foundation raise funds for GNU development.'' 56@end quotation 57@end copying 58 59@dircategory GNU radius 60@direntry 61* Radius: (radius). GNU Radius. 62* radwho: (radius)Radwho. Show who is logged in by radius now. 63* radlast: (radius)Radlast. Show the history of logins by radius. 64* radzap: (radius)Radzap. Modify the login records. 65* radgrep: (radius)Radgrep. Quickly find the login record. 66* radping: (radius)Radping. Ping the remote machine by the username. 67* radtest: (radius)Radtest. A RADIUS client shell. 68* radauth: (radius)Radauth. Check if a user can be authenticated. 69* radctl: (radius)Radctl. Radctl monitor. 70* builddbm: (radius)Builddbm. Create DBM version of the @file{raddb/users} file. 71* radscm: (radius)Radscm. A Guile interface to radius functions. 72@end direntry 73 74 75@iftex 76@shorttitlepage GNU Radius Reference Manual 77@end iftex 78 79@titlepage 80@title GNU Radius Reference Manual 81@subtitle version @value{VERSION}, @value{UPDATED} 82@author Sergey Poznyakoff 83 84@page 85@vskip 0pt plus 1filll 86@insertcopying 87@sp2 88Cover art by Etienne Suvasa. Cover design by Jonathan Richard. 89@end titlepage 90 91@node Top, Intro, , (dir) 92 93@ifinfo 94@top The GNU Radius 95 96GNU Radius is a suite of programs for performing user authentication 97and accounting using @RADIUS{} protocol. 98 99This Info file documents the version @value{VERSION} of the package. 100 101@end ifinfo 102 103@comment ******************************************************************* 104@menu 105* Intro:: An introduction to @RADIUS{} concepts 106 107The @RADIUS{} daemon 108* Naming Conventions:: Conventions about naming files and directories 109* Operation:: How @radiusd{} operates 110* Invocation:: How to start the daemon 111* Configuration Files:: @radiusd{} configuration files 112* Request Comparison:: How duplicate requests are dealt with 113* Authentication:: How users are authenticated 114* Accounting:: Accounting methods 115* Logging:: What gets logged and where 116* Problem Tracking:: Fixing configuration errors 117* Extensions:: Extending GNU Radius 118 119* Utility Programs:: 120* Client Package:: 121 122Radius Attributes 123* Attribute List:: Some frequently used attributes 124 125Reporting Bugs and getting information 126* Bugs:: How to report a bug 127* News:: Where to get info about GNU Radius 128 129Obtaining GNU Radius 130* Distrib:: How to Obtain the GNU Radius 131* Glossary:: The glossary 132* Acknowledgements:: 133 134What Next? 135 136* GNU configuration:: New configuration 137 138Appendices 139 140* Copying This Manual:: The GNU Free Documentation License. 141 142Indices 143* Index:: 144 145Here are some other nodes which are really inferiors of the ones 146already listed, mentioned here so you can get to them in one step: 147 148 --- The Detailed Node Listing --- 149 150Radius Configuration 151 152* config file:: Run-time configuration options. 153* dictionary file:: Radius dictionary. 154* clients file:: Clients lists the @NAS{}es that are allowed to 155 communicate with radius. 156* naslist file:: The naslist file keeps general information about 157 the @NAS{}es. 158* nastypes file:: Information about how to query the @NAS{}es about 159 active user sessions. 160* hints file:: Important user information that is common for the 161 users whose names match some pattern. 162* huntgroups file:: Group users by the @NAS{} (and, possibly, a port 163 number) they come from. 164* realms file:: Communication with remote radius servers 165* users file:: User profile. 166* access.deny file:: List of users which are denied access. 167* sqlserver file:: SQL server configuration. 168* rewrite file:: Rewrite functions allow to change the input 169 packets. 170* menus directory:: Menus allow user to select the type of 171 service. 172 173Client configuration 174 175* client.conf:: Main client configuration file. 176 177@end menu 178 179@comment ******************************************************************* 180 181@include intro.texi 182@include naming.texi 183@include operation.texi 184@include invoke.texi 185@include configure.texi 186@include comp.texi 187@include auth.texi 188@include acct.texi 189@include logging.texi 190@include debug.texi 191@include extensions.texi 192@include programs.texi 193@include client.texi 194@include attributes.texi 195@include bugs.texi 196 197@comment ******************************************************************* 198@node Distrib, Glossary, Top, Top 199@unnumbered How to Obtain Radius 200 201GNU Radius is @dfn{free software}; this means that everyone is free to 202use it and free to redistribute it on certain conditions. GNU Radius is 203not in the public domain; it is copyrighted and there are restrictions 204on its distribution, but these restrictions are designed to permit 205everything that a good cooperating citizen would want to do. What is 206not allowed is to try to prevent others from further sharing any version 207of GNU Radius that they might get from you. The precise conditions are 208found in the GNU General Public License that comes with Radius and also 209appears following this section. 210 211One way to get a copy of GNU Radius is from someone else who has it. You 212need not ask for our permission to do so, or tell any one else; just 213copy it. If you have access to the Internet, you can get the latest 214distribution version of GNU Radius by anonymous FTP. It is available at 215@url{ftp://ftp.gnu.org/pub/gnu/radius} 216 217@comment ******************************************************************* 218@node Glossary, Acknowledgements, Distrib, Top 219@unnumbered Radius Glossary 220 221Throughout this document the following terms are used: 222 223@table @asis 224 225@item @RADIUS{} (small capitals) 226The Remote Authentication Dial In User Service 227protocol as described in RFC 2138, 2865, and 2866. 228 229@cindex @sc{nas} 230@cindex Network Access Server 231@item @NAS{} 232A network access server, that is, a computer or a special device 233designed to provide access to the network. For example, it can be a 234computer connected to the network and equipped with several modems. 235Such a 236@NAS{} will allow a user connecting to one of its modems to access the 237network. 238 239@cindex Service 240@item Service 241A service, such as PPP, SLIP, or telnet, provided to a user by the @NAS{}. 242 243@cindex Session 244@item Session 245Each instance of a service. Sessions start when the service is 246first provided and close when the service is ended. A user may be 247allowed to have multiple 248sessions active simultaneously. 249 250@cindex Session ID 251@item Session @sc{id} 252The session identifier: a string of characters uniquely identifying the session. 253 254@cindex A/V pair 255@cindex Attribute 256@cindex Attribute-Value pair 257@item @AVP{} 258Attribute-value pair: see @ref{Attributes}. 259 260@cindex Dial-in user 261@cindex Dial-up user 262@item Dial-in or dial-up user 263A user connecting to a service through the modem line. 264 265@item User database 266A database where a @RADIUS{} server keeps information about users, their 267authentication information, etc. 268 269@item User's profile 270A record in the user database describing a particular user for 271purposes of authentication and authorization, i.e., how the user should 272be authenticated as well as which services he is allowed to be 273provided and parameters of these services. 274 275@end table 276 277@comment ******************************************************************* 278@node Acknowledgements, GNU configuration, Glossary, Top 279@unnumbered Acknowledgements 280 281I would like to acknowledge Oswaldo Aguirre and Francisco 282Obispo, who invested a lot of time and effort to debug and test 283the program. They also wrote @command{web-radact} --- a web interface 284to the radius database. 285 286Alexandre Oliva provided a lot of good advice and offered valuable 287help in testing Radius on various platforms. 288 289The following people provided many helpful comments, bug reports and 290patches: Dustin Mitchell, Jody Owens, Andrey Y. Mosienko, Oleg Gawriloff, 291Adrian P. van Bloois, Michael Samuel, Michael Smirnov, Andrey Pavlenko, 292Michael Weiser, Eric Salom@'e, Clement Gerouville, Dave Restall, 293Vlad Lungu, Robert Abbate, Jaime Tellez Sanchez, Cornel Cristea, 294Krzysztof Kopera, and David Friedman. 295 296Additional people need to be thanked for their assistance in producing 297this manual. Lisa M. Goldstein coordinated its preparation and Joseph 298C. Fineman and Daniel Barowy did a remarkable job of editing. 299 300And of course, thanks to Richard M. Stallman for founding the FSF and 301starting the GNU project. 302 303@comment ******************************************************************* 304@node GNU configuration, Copying This Manual, Acknowledgements, Top 305@include gradient.texi 306 307@comment ******************************************************************* 308@node Copying This Manual, Index, GNU configuration, Top 309@include fdl.texi 310 311@node Index, , Copying This Manual, Top 312@unnumbered Index 313@printindex cp 314@page 315 316@summarycontents 317@contents 318 319@bye 320 321Local Variables: 322compile-command: "makeinfo --force radius.texi" 323End: 324