key from freeRadius to NAS

Arran Cudbard-Bell A.Cudbard-Bell at
Tue May 29 09:42:06 CEST 2007

ashola ashola wrote:
> Hi,
> How can we transmit a key from FreeRadius to the NAS (Access Point) ?
> Ashola
> Get the Yahoo! toolbar and be alerted to new email 
> <*>wherever 
> you're surfing.
> ------------------------------------------------------------------------
> - 
> List info/subscribe/unsubscribe? See

By the magic of ssh / snmp / web interface.

i.e you can't.

Store all your nases in an SQL database and load them into FreeRADIUS 
using Rlm_SQL.

You can populate the secrets using this SQL query (if using MySQL)

UPDATE `nas` SET nas.secret = 
substr(md5(concat(RAND(),nas.nasname)),1,31) WHERE master.secret = ""

See here for default schema

Then write a script to pull the secret out of SQL and write it to the 
NAS using SNMP.


Write a script to open ssh shell sessions to your APs and write the 
secret to them using ssh.


I've got some very basic PHP classes which I wrote and use , though 
you'll need the ssh2 extension compiled in. And you'll have to modify 
some of the SQL queries.


If anyone has any scripts in other languages they would like to donate...


If you really have nothing better to do you can do them all by hand :)

We have ~ 500 switches and my scripts seem to do them fine, though they 
don't work with ssh v1 only v2 , so I have to do the hundred or so 
HP2524s by hand *ick*.

Damn you HP for not supporting SNMP setting of shared secrets :(
Arran Cudbard-Bell (A.Cudbard-Bell at
Authentication, Authorisation and Accounting Officer
Infrastructure Services | ENG1 E1-1-08
University Of Sussex, Brighton
EXT:01273 873900 | INT: 3900

More information about the Freeradius-Devel mailing list