View Source: RADIUS - Waikato Linux Users Group

You are viewing an old revision of this page. View the current version.

[Acronym] for Remote Authentication Dial In User Service.

RADIUS servers are used for authentication[1], authorization[2] and accounting[3] for terminals that speak the RADIUS protocol.  It was invented by a company called Livingston.

Think of RADIUS as a central network database for authentication.  You dial into your ISP and tell the system who you are and what your password is.  The device will then ask a RADIUS server whether you should be allowed on and what you should be allowed to do when you are on (eg. you might be allowed to connect only during certain hours).

Your device and your RADIUS server share a secret, so that not just anyone can go checking passwords against it.

If you want a RADIUS server on Linux, see http://www.freeradius.org/.  There are also [PAM] modules that let you authenticate against a Linux system at http://www.freeradius.org/pam_radius_auth/.

[Cisco] gear talks RADIUS.  Windows 2000 has a  [http://www.alepo.com/radius-server.shtml][RADIUS server] built in called Internet Authentication Service.

The protocol is described in RFC:2138, accounting add-ons are in RFC:2139.

See also [TACACS].

[1] Who are you
[2] What are you allowed to do
[3] What are we going to write down about it

5 pages link to RADIUS:

Version 4, saved on Monday, March 29, 2004 7:33:40 pm by PerryLorier

Edit PageHistory Diff Info LikePages