出入Freeradius之簡單安裝

                                                    radius服務搭建 

1.    安裝FreeRadius伺服器（需要root使用者）：freeRadius下載下傳位址http://packages.networkradius.com/releases/centos/7/repo/） 

分别下載下傳freeradius-config-3.0.18-2.el7.x86_64.rpm，freeradius -3.0.18-2.el7.x86_64.rpm ，freeradius-rest-3.0.18-2.el7.x86_64.rpm（認證類型為rest所依賴子產品） 

freeradius-utils-3.0.18-2.el7.x86_64.rpm 

安裝順序如下，如果安裝不成功需按提示解決依賴  依賴解決按照提示下載下傳對應的rpm檔案提示complate 安裝成功 

yum install freeradius-config-3.0.18-2.el7.x86_64.rpm -y 

yum install freeradius -3.0.18-2.el7.x86_64.rpm  -y 

yum install freeradius-rest-3.0.18-2.el7.x86_64.rpm  -y 

yum install freeradius-utils-3.0.18-2.el7.x86_64.rpm  -y 

如 freeradius -3.0.18-2.el7.x86_64.rpm 依賴openssl 1.0.2k  下載下傳openssl-libs-1.0.2k-16.el7.x86_64.rpm 

 yum install openssl-libs-1.0.2k-16.el7.x86_64.rpm  -y 

2啟動 radius 服務 radiusd -X debug模式啟動提示 Ready to process requests 

服務啟動成功 

3配置/etc/raddb/users  檔案 放開注釋使用者  

bobCleartext-Password := "hello" （使用者名為bob，密碼為hello） 

Reply-Message := "Hello, %{User-Name}"（認證成功響應 ） 

檢視/etc/raddb/clients 本地測試用戶端  

client localhost{ 

secret = testing123（秘鑰為testing123） 

} 

4測試指令radtest bob hello  127.0.0.1  0 testing123 

5測試結果 

-bash-4.2$ radtest bob hello  127.0.0.1  0 testing123 

Sent Access-Request Id 214 from 0.0.0.0:42620 to 127.0.0.1:1812 length 73 

User-Name = "bob" 

User-Password = "hello" 

NAS-IP-Address = 10.1.11.69 

NAS-Port = 0 

Message-Authenticator = 0x00 

Cleartext-Password = "hello" 

Received Access-Accept Id 214 from 127.0.0.1:1812 to 127.0.0.1:42620 length 32 

Reply-Message = "Hello, bob" 

radius服務搭建完成 

總結：在搭建完重新開機時會報

Copyright (C) 1999-2019 The FreeRADIUS server project and contributors

There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A

PARTICULAR PURPOSE

You may redistribute copies of FreeRADIUS under the terms of the

GNU General Public License

For more information about these matters, see the file named COPYRIGHT

Configuration directory /etc/raddb is globally writable.  Refusing to start due to insecure configuration.

這是因為我在修改配置檔案的時候偷懶把/etc/raddb目錄設定成了 777權限。freeradius認為不安全。把raddb目錄權限改回來即可。