summaryrefslogtreecommitdiff
path: root/pppd/plugins/radius/etc/radiusclient.conf.in
diff options
context:
space:
mode:
Diffstat (limited to 'pppd/plugins/radius/etc/radiusclient.conf.in')
-rw-r--r--pppd/plugins/radius/etc/radiusclient.conf.in91
1 files changed, 91 insertions, 0 deletions
diff --git a/pppd/plugins/radius/etc/radiusclient.conf.in b/pppd/plugins/radius/etc/radiusclient.conf.in
new file mode 100644
index 0000000..eae292c
--- /dev/null
+++ b/pppd/plugins/radius/etc/radiusclient.conf.in
@@ -0,0 +1,91 @@
+# General settings
+
+# specify which authentication comes first respectively which
+# authentication is used. possible values are: "radius" and "local".
+# if you specify "radius,local" then the RADIUS server is asked
+# first then the local one. if only one keyword is specified only
+# this server is asked.
+auth_order radius
+
+# maximum login tries a user has (default 4)
+login_tries 4
+
+# timeout for all login tries (default 60)
+# if this time is exceeded the user is kicked out
+login_timeout 60
+
+# name of the nologin file which when it exists disables logins.
+# it may be extended by the ttyname which will result in
+# a terminal specific lock (e.g. /etc/nologin.ttyS2 will disable
+# logins on /dev/ttyS2) (default /etc/nologin)
+nologin /etc/nologin
+
+# name of the issue file. it's only display when no username is passed
+# on the radlogin command line (default /etc/radiusclient/issue)
+issue @pkgsysconfdir@/issue
+
+# RADIUS settings
+
+# RADIUS server to use for authentication requests. this config
+# item can appear more then one time. if multiple servers are
+# defined they are tried in a round robin fashion if one
+# server is not answering.
+# optionally you can specify a the port number on which is remote
+# RADIUS listens separated by a colon from the hostname. if
+# no port is specified /etc/services is consulted of the radius
+# service. if this fails also a compiled in default is used.
+authserver localhost:1812
+
+# RADIUS server to use for accouting requests. All that I
+# said for authserver applies, too.
+#
+acctserver localhost:1813
+
+# file holding shared secrets used for the communication
+# between the RADIUS client and server
+servers @pkgsysconfdir@/servers
+
+# dictionary of allowed attributes and values
+# just like in the normal RADIUS distributions
+dictionary @pkgsysconfdir@/dictionary
+
+# program to call for a RADIUS authenticated login
+# (default /usr/sbin/login.radius)
+login_radius @sbindir@/login.radius
+
+# file which holds sequence number for communication with the
+# RADIUS server
+seqfile /var/run/radius.seq
+
+# file which specifies mapping between ttyname and NAS-Port attribute
+mapfile @pkgsysconfdir@/port-id-map
+
+# default authentication realm to append to all usernames if no
+# realm was explicitly specified by the user
+# the radiusd directly form Livingston doesnt use any realms, so leave
+# it blank then
+default_realm
+
+# time to wait for a reply from the RADIUS server
+radius_timeout 10
+
+# resend request this many times before trying the next server
+radius_retries 3
+
+# NAS-Identifier
+#
+# If supplied, this option will cause the client to send the given string
+# as the contents of the NAS-Identifier attribute in RADIUS requests. No
+# NAS-IP-Address attribute will be sent in this case.
+#
+# The default behavior is to send a NAS-IP-Address option and not send
+# a NAS-Identifier. The value of the NAS-IP-Address option is chosen
+# by resolving the system hostname.
+
+# nas_identifier MyUniqueNASName
+
+# LOCAL settings
+
+# program to execute for local login
+# it must support the -f flag for preauthenticated login
+login_local /bin/login
View Lorry Controller Status