AAA на примере FreeRadius

Материал из wiki
Перейти к: навигация, поиск

AAA на примере FreeRadius

AAA

A

A

A

local

LDAP

Kerberos

RADIUS

TACACS+

SSO

freeradius

apt-get install freeradius

NAS:

/etc/freeradius/clients.conf

Пользователи:

/etc/freeradius/users
cisco Cleartext-Password := "ciscocisco"
service freeradius stop
freeradius -X


Проверка:

root@model-net-ctrl-1:~# radtest cisco ciscocisco 127.0.0.1 0 testing123
Sending Access-Request of id 118 to 127.0.0.1 port 1812
        User-Name = "cisco"
        User-Password = "ciscocisco"
        NAS-IP-Address = 212.192.64.218
        NAS-Port = 0
        Message-Authenticator = 0x00000000000000000000000000000000
rad_recv: Access-Accept packet from host 127.0.0.1 port 1812, id=118, length=20

Cisco IOS

SSH