Setting up a FreeRadius server

Introduction link

FreeRADIUS is an open-source RADIUS server.

It offers an alternative to other enterprise RADIUS servers, and is one of the most modular and feature-rich RADIUS servers available today. It is considered the most widely used server in the world.

It is suitable for both embedded systems with limited memory and systems with several million users.

I installed this server on OpenBSD to connect a WiFi access point to it. This is quite practical and currently the most secure approach.

Installation link

On OpenBSD:

  pkg_add -iv freeradius
  

Now we need to add it to the boot process:

  if [ -x /usr/local/sbin/radiusd ]; then
        install -d -o _freeradius /var/run/radiusd
        echo -n ' radiusd';     /usr/local/sbin/radiusd
fi
  

If you want a configuration file example, look at /usr/local/share/examples/freeradius.

Configuration link

client.conf link

We will edit the client.conf file to add a test user:

  client 127.0.0.1 {
    secret      = testing123
    shortname   = localhost
}
  

users link

Let’s add a simple user for now:

  "deimos"    Cleartext-Password := "password"
  

Verification link

To verify that the user is working properly, you can use the radtest command:

  radtest deimos test 127.0.0.1 1812 testing123
  

• deimos : the user
• password : the password
• 127.0.0.1 : the Radius server
• 1812 : the Radius server port
• testing123: the additional password