![[BACK]](/icons/back.gif){kind=icon}
Return to radiusd.conf CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / etc / examples|
Return to radiusd.conf CVS log | Up to [local] / src / etc / examples |
| File: [local] / src / etc / examples / radiusd.conf (download)
Revision 1.5, Sun Sep 24 06:09:35 2023 UTC (8 months, 2 weeks ago) by yasuoka
Strip realm part for bsdauth. This is required and an exmaple usage of new radius_standard module. |
# $OpenBSD: radiusd.conf,v 1.5 2023/09/24 06:09:35 yasuoka Exp $
listen on 0.0.0.0
#listen on ::
client 127.0.0.1/32 {
secret "secret"
# "msgauth-required no" to disable message authentication check for
# some implementations (e.g. login_radius(8)) don't support msgauth
msgauth-required no
}
client 192.168.0.0/24 {
secret "secret"
}
module load bsdauth "/usr/libexec/radiusd/radiusd_bsdauth"
#module set bsdauth restrict-group users
module load radius "/usr/libexec/radiusd/radiusd_radius"
module set radius secret "testing123"
module set radius server "127.0.0.1"
module load strip-realm "/usr/libexec/radiusd/radiusd_standard"
module set strip-realm strip-atmark-realm true
authenticate *@local {
authenticate-by bsdauth
decorate-by strip-realm
}
authenticate *@example.com {
authenticate-by radius
}