Radius Authentication on OpenBSD

login.conf file which configures radius authentication for an OpenBSD host servers file which contains keys for each of these radius servers

akonkol
February 16, 2012




%{--- /etc/login.conf file ---}%
auth-radius-defaults:auth=radius,passwd:\
        :radius-timeout=7:\
        :radius-server=%{primary_radius_server}%:\
        :radius-server-alt=%{secondary_radius_server}%:\

auth-defaults:auth=radius,passwd,skey:
auth-local:auth=passwd,skey


default:\
        :path=/usr/bin /bin /usr/sbin /sbin /usr/X11R6/bin /usr/local/bin:\
        :umask=022:\
        :datasize-max=2048M:\
        :datasize-cur=1512M:\
        :maxproc-max=1024:\
        :maxproc-cur=512:\
        :openfiles-cur=64:\
        :stacksize-cur=64M:\
        :localcipher=blowfish,6:\
        :ypcipher=old:\
        :tc=auth-defaults:\
        :tc=auth-radius-defaults:\
        :tc=auth-ftp-defaults:


%{--- /etc/raddb/servers file ---}%
%{primary_radius_server}% %{primary_radius_server_secret}%
%{secondary_radius_server}% %{secondary_radius_server_secret}%