LOGIN_RADIUS(8) BSD System Manager's Manual LOGIN_RADIUS(8)NAMElogin_radius - contact radiusd for authentication
SYNOPSISlogin_radius [-s service] user [class]
DESCRIPTION
The login_radius utility contacts the radiusd(8) daemon to authenticate a
user. When executed as the name login_style it will request radiusd(8)
to use the authentication specified by style.
The login_radius utility needs to know a shared secret for each radius
server it talks to. Shared secrets are stored in the file
/etc/raddb/servers with the format:
server shared_secret
The primary and possible secondary radius servers are defined in the
login.conf 5 file by the fields: radius-server and radius-server-alt.
It is expected that rather than requesting the radius style directly (in
which case the radiusd(8) server uses a default style) that login_radius
will be linked to the various mechanisms desired. For instance, to have
all CRYPTOCard and ActivCard authentication take place on a remote server
via the radius protocol, remove the login_activ and login_crypto modules
and link login_radius to both of those names. Now when the user requests
one of those authentication styles, login_radius will automatically for-
ward the request to the remote radiusd(8) and request it do the requested
style of authentication.
Unless the the style being used is listed in the radius-challenge-styles
entry of the /etc/login.conf file, a password will be requested before
sending the request to the radius server.
SEE ALSOlogin.conf(5), login(8), radiusd(8)
BSD/OS August 23, 1996 1