Site Navigation

Date:      Sat, 14 Mar 1998 22:55:21 +0200
From:      Ian Freislich <iang@digs.iafrica.com>
To:        ken@mui.net
Cc:        hackers@FreeBSD.ORG
Subject:   Re: radius? 
Message-ID:  <E0yDxxh-0007fS-00@brane.digs.iafrica.com>
In-Reply-To: Your message of "Mon, 09 Mar 1998 13:02:16 GMT." <199803092306.NAA16334@rocksalt.mui.net> 

---

next in thread | previous in thread | raw e-mail | index | archive | help

---

Ken wrote:

> There are going to be 2 locations.  Site A and site B have 2 different
> user databases.  How does one set things up so that if they aren't
> in site A, then it passes it to site B? or is there a better way to
> handle this?
>
> Does it have something to do with Radius?

You can use the elm authentication provided by the Merit Radius server.

>From 'authfile':
#       This file contains a list of "realm" names which represent
#       authentication systems which may be used to authenticate a user.
#       Normally the user specifies the system where authentication is to
#       be performed by appending a realm name to his/her user id.  For
#       example, "joe@xyz" indicates that user joe wants to be authenticated
#       by realm xyz.  It is the purpose of this file to map the realm name
#       "xyz" to the actual DNS name of the authentication system and the
#       authentication protocol to be used.

You just get your users to login as 'user@siteA' or 'user@siteB'
and configure your radius server using the authfile to pass queries
for the other site on to the second radius server.

I'm going to be playing with this feature soon so the we can provide
a 'virtual ISP' service.

Of course, if the password files are reasonably static, it might
be easier just to sync them although I think that there will be
more maintenance involved (and things to go wrong) if you go that
route.

I've also made a couple of changes to this server that you may be
interested in.

-- igf (Ian Freislich)
http://copernicus.cpt.tech.iafrica.com/

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message

---

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?E0yDxxh-0007fS-00>

Legal Notices | © 1995-2024 The FreeBSD Project. All rights reserved.

Contact