rlm_digest

Section: FreeRADIUS Module (5)
Updated: 31 March 2005
Index Return to Main Contents
 

NAME

rlm_digest - FreeRADIUS Module  

DESCRIPTION

The rlm_digest module authenticates RADIUS Access-Request packets that contain Cisco SIP digest authentication attributes. The module should be listed in the authorize and authenticate sections of radiusd.conf.  

CONFIGURATION

The digest module requires no additional configuration items. When it is being used to authenticate requests, however, it does require access to the clear-text password for the user. Hashed passwords are not acceptable, and will not work.  

EXAMPLES

Add the following lines to the top of your 'raddb/users' file:


#---

test Auth-Type := Digest, User-Password = "test"
Reply-Message = "Hello, test with digest"
#---

Once the server has been started (debugging mode is recommended), use 'radclient to send the following packet to the server:


$  radclient -f digest localhost auth testing123

Where 'digest' is a file containing:


  User-Name = "test",

Digest-Response = "631d6d73147add2f9e437f59bbc3aeb7",
Digest-Realm = "testrealm",
Digest-Nonce = "1234abcd",
Digest-Method = "INVITE",
Digest-URI = "sip:5555551212@example.com",
Digest-Algorithm = "MD5",
Digest-User-Name = "test",
Message-Authenticator = ""

You should see the authentication succeed.

 

SECTIONS

authorize, authenticate

 

FILES

/etc/raddb/radiusd.conf, draft-sterman-aaa-sip-00.txt

 

AUTHOR

Alan DeKok <aland@ox.org>


 

Index

NAME
DESCRIPTION
CONFIGURATION
EXAMPLES
SECTIONS
FILES
AUTHOR

This document was created by man2html, using the manual pages.
Time: 13:47:04 GMT, August 08, 2017