cancel
Showing results for 
Search instead for 
Did you mean: 

Steps to configure Radius Authentication

 1>> yum install freeradius


/etc/raddb/  # Instalaltion location
 
2>> Start the Radius server in debug mode 
 
[root@localhost freeradius-server-3.0.15]# radiusd -X
 
You will get a message saying "Ready to process requests" at the end.
 
3>> Add the below entry in the authorized file for testing purpose 
 
/etc/raddb/mods-config/files/authorize  # File to edit 
 
gowtham Cleartext-Password := "edbadmin" 
 
### [ where testing123 is a shared secret code]
 
Test the access to the server on Os level
 
[root@localhost mods-enabled]# radtest gowtham edbadmin 127.0.0.1 0 testing123
Sent Access-Request Id 34 from 0.0.0.0:40849 to 127.0.0.1:1812 length 77
User-Name = "gowtham"
User-Password = "edbAdmin"
NAS-IP-Address = 127.0.0.1
NAS-Port = 0
Message-Authenticator = 0x00
Cleartext-Password = "edbAdmin"
Received Access-Accept Id 34 from 127.0.0.1:1812 to 0.0.0.0:0 length 20
[root@localhost mods-enabled]# 
 
4>> Create this user in PostgreSQL/ EPAS database server 
 
5>> Edit the pg_hba.conf file as below and reload the server  [ For testing*]
 
host        all                all                0.0.0.0/0           radius  radiusserver=127.0.0.1 radiussecret=testing123 radiusport=1812
 
6>> Login with the user # Please note for testing purpose, I have only one line in the 
pg_hba.conf file as below:
 
[enterprisedb@localhost ~]$ cat /opt/PostgresPlus/9.5AS/data/pg_hba.conf
host        all                all                0.0.0.0/0           radius  radiusserver=127.0.0.1 radiussecret=testing123 radiusport=1812
[enterprisedb@localhost ~]$
 
Testing:
 
[enterprisedb@localhost ~]$ /opt/PostgresPlus/9.5AS/bin/psql -d edb -p 5445 -U gowtham  -h 127.0.0.1
Password for user gowtham: 
psql.bin (9.5.0.5)
SSL connection (protocol: TLSv1.2, cipher: ECDHE-RSA-AES256-GCM-SHA384, bits: 256, compression: off)
Type "help" for help.
 
edb=> 
 
Also for the users who are not part of the configuration see the error:
 
[enterprisedb@localhost ~]$ /opt/PostgresPlus/9.5AS/bin/psql -d edb -p 5445 -U enterprisedb  -h 127.0.0.1
Password for user enterprisedb: 
psql.bin: FATAL:  RADIUS authentication failed for user "enterprisedb"
FATAL:  RADIUS authentication failed for user "enterprisedb"
[enterprisedb@localhost ~]$ 
 
Version history
Revision #:
2 of 2
Last update:
‎02-19-2019 05:58 AM
Updated by:
 
Labels (2)
Contributors