radius authentication
Salman Afzal
salman at neduet.edu.pk
Thu Feb 8 10:54:35 UTC 2001
Daniel,
Thanks , now its working but fortunately i'm using inn-2.3.0. and i have to
make some changes in your sugession. here it is
readers.conf--------------------start----------------------
the local machine
auth "localhost" {
hosts: "localhost, 127.0.0.1, stdin"
default: "<localhost>"
}
auth "all" {
hosts: "*"
auth: "radius -f /usr/local/news/etc/radius.conf"
}
access "localhost" {
users: "<localhost>"
newsgroups: "*"
}
access "all" {
users: "*"
newsgroups: "*"
access: "Read Post"
}
and the same as you sugessted in radius.conf.
regards
salman
Daniel G. Thompson wrote:
> Salman,
>
> Try replacing your auth section for radius to something like this:
>
> auth all {
> hosts: "0.0.0.0"
> auth: "radius -f /news/etc/radius.conf"
> default: <FAIL>
> default-domain: "mydomain.com"
> }
>
> ## Then replace your Access section of readers.conf with this:
> ##
>
> access "localhost" {
> users: "<localhost>"
> newsgroups: "*"
> }
>
> access "mydomain.com" {
> users: "*@mydomain.com"
> newsgroups: "*"
> access: "Read Post"
> }
>
> access fail {
> users: <FAIL>@mydomain.com"
> newsgroups: "!*"
> }
>
> ## In Radius.conf I only have the following set:
> ##
>
> radhost:192.16.1.2 ## Replace with the ip-address of your radius server.
> secret:online
>
> _______________________________________________________
>
> This is of course making the assumption that you have a working radius
> server that has an access file that includes a line for your news server.
> If you have not already done so, you might want to verify that your radius
> server is working.
>
> I have had radius running here for a number of years, yet I spent many hours
> working on this very same problem only to discover that my radius server
> would not authenticate the news server. I added radius to a spare machine
> that I have running here and it still would not work, so I downloaded the
> latest Cistron-radius and set it up on the spare machine. As soon as I had
> the Cistron-radius set up properly the authentication worked fine.
>
> I was using Ascend-radius ( a variant of Livingston-radius) to authenticate
> my dialup users, however it just would not work with the innd. The
> Cistron-radius
> will however work with news, and it works with my dialups.
>
> I am certainly no expert on innd at all, but I just recently went through
> making
> radius auth work with innd and thought I might be able to share some things
> that I learned while configuring innd.
>
> Dan Thompson
> dan at waycom.com
>
> > Hi ,
> >
> > Thanks Daniel, for the sugession.
> >
> > Here is the configuration of readers.conf and radius.conf, i'm using the
> > livingston radius server on linux box. please suggest if any changes are
> > required in the configuration.of news server files.
> >
> > READERS.CONF----------------------start------------------------
> > auth "localhost" {
> > hosts: "localhost, 127.0.0.1, stdin"
> > default: "<localhost>"
> > }
> > access "localhost" {
> > users: "<localhost>"
> > newsgroups: "*"
> > }
> > auth "all" {
> > hosts: "*"
> > auth: "radius"
> > }
> >
> > access "all" {
> > users: "*"
> > newsgroups: "*"
> > access: "Read Post"
> > -----------------------------------end----------------------------
> >
> > RADIUS.CONF------------------start----------------------
> >
> > radhost: authorize.domain.com
> > radport: 1645
> > lochost: news.domain.com
> > #locport: 119
> > secret: news
> > #prefix: news-
> > #suffix: @example.com
> >
> > -------------------------end------------------------------------
> >
> > regards
> > Salman Afzal
> >
> >
> > Daniel G. Thompson wrote:
> >
> > > Yes, INN will authenticate through radius. I have tried authentication
> to
> > > three different radius servers and have come to the conclusion that if
> you
> > > want to use radius authentication you should first install
> Cistron-Radius.
> > > I can tell you for certain Ascend=Radius does not work.
> > >
> > > Now with that out of the way.....
> > >
> > > You might want to send a snippet of your readers.conf file as well as
> > > one from your radius.conf file so that the people here can take a look
> > > at them.
> > >
> > > Dan
> > >
> > > > Hi all,
> > > >
> > > > I am trying to authenticate the readers from remote radius server,
> could
> > > > any one please help me and let me know if it is possible to get it
> > > > working , as i am still unable to do so . since i configured my
> > > > readers.conf and radius.conf according to the man pages.
> > > >
> > > > thanks
> > > > salman
> > > >
> > > >
> > > > -- Binary/unsupported file stripped by Listar --
> > > > -- Type: text/x-vcard
> > > > -- File: vcard.vcf
> > > > -- Desc: Card for Salman Afzal
> > > >
> > > >
> > > >
> >
> >
> >
-- Binary/unsupported file stripped by Listar --
-- Type: text/x-vcard
-- File: vcard.vcf
-- Desc: Card for Salman Afzal
More information about the inn-workers
mailing list