Secure FreeRADIUS & LDAP
Dan Hawker
danhawker at googlemail.com
Fri Feb 20 11:35:29 CET 2009
Hi All,
I used to use FreeRADIUS *years* back (iirc pre v1) on Linux and it
worked rather well :)
Not touched it since, however have just started a new contract and
there is a requirement to use a RADIUS server to connect to our LDAP
box (Red Hat Dir Server) to in turn authenticate some users/equipment
that can't auth directly, but due to the nature of the environment,
all datastores and comms have to be secured/encrypted.
As the host will be RHEL5, FreeRADIUS would seem the ideal candidate
(comes with it, although a rather ancient 1.1.3 version by default,
can upgrade if needed), however before I start installing and testing,
wondered whether it will satisfy the secure part of the requirements.
So... My questions...
# Can freeradius talk to the ldap box using TLS/SSL (ldaps)
# Can freeradius read hashed credentials from the LDAP store and then
actually use them???
# There may be a requirement to use certificates for auth, can the
ldap/freeradius module handle certs???
Am sure there will be other issues/questions but until then.
TIA
Dan
--
--
Dan Hawker
danhawker at googlemail.com
--
More information about the Freeradius-Users
mailing list