Login to Cisco devices through freeradius

Bruno Noronha bhnoronha at gmail.com
Fri Mar 20 15:25:00 CET 2009


Dawg, I have all default installation files. I read eap.conf and it seems to
be okay, I either changed any file, including adding new users! Everything
remains the same...

I know that "chmod 777" is not recommended. I did it just to make sure that
what I have isn't a permission issue.

Here is the output for id radiusd command:
uid=108(radiusd) gid=109(radiusd) groups=109(radiusd)

Reading this tutorial, http://wiki.freeradius.org/Cisco, it seems to be so
simple! Is there any possibility of OS incompatibility with freeRADIUS?

tks!



2009/3/20 <A.L.M.Buxey at lboro.ac.uk>

> Hi,
> > There is nothing related to eap to comment out in these files...
> > Should I create a certificate? Is it compulsory?
>
> hang on - do you actually HAVE any EAP cert/CA files that you are
> referencing in eap.conf?
>
> read eap.conf - see what files it is trying to read (cert, CA, pkcs12,
> random, etc) and check you actually HAVE those files.  if you have those
> files, then ensure that the permissions for the directory and files are
> suitable for reading - you DON'T EVER want 777
>
> with 777 i could own your server and take over your infrastructure - you
> only want read permissions on the files...for the relevant user that the
> freeradius daemon is running as (usually radiusd)
>
> what does
>
> id radiusd
>
>
> give as output?
>
> alan
>
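
The check described in the quoted reply (list the files eap.conf references, confirm they exist, confirm nothing is left writable the way chmod 777 leaves it) can be scripted. This is an added example, not part of the original thread or of FreeRADIUS; it assumes the `*_file` directive style of the stock eap.conf and that `${certdir}` and `${cadir}` resolve to the directory passed as the second argument, and the sample config and files are constructed.

```shell
#!/bin/sh
# Added example, not from the thread. Assumes ${certdir} and ${cadir} in
# eap.conf both resolve to the directory given as the second argument.

# Print the path behind every uncommented *_file directive in eap.conf.
eap_files() {
    sed -n 's/^[[:space:]]*[A-Za-z_]*_file[[:space:]]*=[[:space:]]*//p' "$1" |
        sed -e "s|\${certdir}|$2|" -e "s|\${cadir}|$2|" -e 's/[[:space:]]*$//'
}

# Classify one path: MISSING, UNREADABLE (by the invoking user),
# UNSAFE (regular file that is group- or world-writable), or OK.
# Devices such as /dev/urandom are not flagged as UNSAFE.
check_file() {
    if [ ! -e "$1" ]; then echo "MISSING    $1"; return 1; fi
    if [ ! -r "$1" ]; then echo "UNREADABLE $1"; return 1; fi
    if [ -n "$(find "$1" -prune -type f \( -perm -020 -o -perm -002 \) -print)" ]; then
        echo "UNSAFE     $1"; return 1
    fi
    echo "OK         $1"
}

# Check every referenced file; succeeds only if all of them are OK.
audit_eap() {
    eap_files "$1" "$2" | {
        rc=0
        while IFS= read -r f; do check_file "$f" || rc=1; done
        [ "$rc" -eq 0 ]
    }
}

# Constructed sample: an eap.conf excerpt plus one safe file, one 777 file,
# and one directive whose file does not exist.
make_sample() {
    mkdir -p "$1/certs"
    cat > "$1/eap.conf" <<'EOF'
tls {
    private_key_file = ${certdir}/server.key
    certificate_file = ${certdir}/server.pem
    # dh_file = ${certdir}/dh
    CA_file = ${cadir}/ca.pem
}
EOF
    : > "$1/certs/server.key"; chmod 640 "$1/certs/server.key"
    : > "$1/certs/server.pem"; chmod 777 "$1/certs/server.pem"
}

# Real use: sh this-script /path/to/eap.conf /path/to/certs
if [ "$#" -eq 2 ]; then audit_eap "$1" "$2"; fi
```

Run it as the daemon's user (radiusd in this thread) so that the readability test reflects what the server itself can open.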