出入Freeradius之简单安装
radius服务搭建
1. 安装FreeRadius服务器(需要root用户):freeRadius下载地址http://packages.networkradius.com/releases/centos/7/repo/)
分别下载freeradius-config-3.0.18-2.el7.x86_64.rpm,freeradius -3.0.18-2.el7.x86_64.rpm ,freeradius-rest-3.0.18-2.el7.x86_64.rpm(认证类型为rest所依赖模块)
freeradius-utils-3.0.18-2.el7.x86_64.rpm
安装顺序如下,如果安装不成功需按提示解决依赖 依赖解决按照提示下载对应的rpm文件提示complate 安装成功
yum install freeradius-config-3.0.18-2.el7.x86_64.rpm -y
yum install freeradius -3.0.18-2.el7.x86_64.rpm -y
yum install freeradius-rest-3.0.18-2.el7.x86_64.rpm -y
yum install freeradius-utils-3.0.18-2.el7.x86_64.rpm -y
如 freeradius -3.0.18-2.el7.x86_64.rpm 依赖openssl 1.0.2k 下载openssl-libs-1.0.2k-16.el7.x86_64.rpm
yum install openssl-libs-1.0.2k-16.el7.x86_64.rpm -y
2启动 radius 服务 radiusd -X debug模式启动提示 Ready to process requests
服务启动成功
3配置/etc/raddb/users 文件 放开注释用户
bobCleartext-Password := "hello" (用户名为bob,密码为hello)
Reply-Message := "Hello, %{User-Name}"(认证成功响应 )
查看/etc/raddb/clients 本地测试客户端
client localhost{
secret = testing123(秘钥为testing123)
}
4测试命令radtest bob hello 127.0.0.1 0 testing123
5测试结果
-bash-4.2$ radtest bob hello 127.0.0.1 0 testing123
Sent Access-Request Id 214 from 0.0.0.0:42620 to 127.0.0.1:1812 length 73
User-Name = "bob"
User-Password = "hello"
NAS-IP-Address = 10.1.11.69
NAS-Port = 0
Message-Authenticator = 0x00
Cleartext-Password = "hello"
Received Access-Accept Id 214 from 127.0.0.1:1812 to 127.0.0.1:42620 length 32
Reply-Message = "Hello, bob"
radius服务搭建完成
总结:在搭建完重启时会报
Copyright (C) 1999-2019 The FreeRADIUS server project and contributors
There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
PARTICULAR PURPOSE
You may redistribute copies of FreeRADIUS under the terms of the
GNU General Public License
For more information about these matters, see the file named COPYRIGHT
Configuration directory /etc/raddb is globally writable. Refusing to start due to insecure configuration.这是因为我在修改配置文件的时候偷懒把/etc/raddb目录设置成了 777权限。freeradius认为不安全。把raddb目录权限改回来即可。