Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help 
PAM_RADIUS(8)		    System Manager's Manual		 PAM_RADIUS(8)

NAME
       pam_radius -- RADIUS authentication PAM module

SYNOPSIS
       [service-name] module-type control-flag pam_radius [options]

DESCRIPTION
       The  pam_radius	module provides	authentication services	based upon the
       RADIUS (Remote Authentication Dial In User Service)  protocol  for  the
       PAM (Pluggable Authentication Module) framework.

       The pam_radius module accepts these optional parameters:

       use_first_pass
		   causes  pam_radius to use a previously entered password in-
		   stead of prompting for a new	one.  If no password has  been
		   entered then	authentication fails.

       try_first_pass
		   causes  pam_radius to use a previously entered password, if
		   one	is  available.	 If  no	 password  has	been  entered,
		   pam_radius prompts for one as usual.

       echo_pass   causes  echoing  to	be left	on if pam_radius prompts for a
		   password.

       conf=pathname
		   specifies a non-standard location  for  the	RADIUS	client
		   configuration file (normally	located	in /etc/radius.conf).

       nas_id=identifier
		   specifies a NAS identifier to send instead of the hostname.

       nas_ipaddr[=address]
		   specifies  a	 NAS  IP  address  to  be  sent.  If option is
		   present, but	there is no value  provided  then  IP  address
		   corresponding to the	current	hostname will be used.

       template_user=username
		   specifies  a	 user  whose passwd(5) entry will be used as a
		   template to create the session environment if the  supplied
		   username  does  not	exist in local password	database.  The
		   user	will be	authenticated with the supplied	 username  and
		   password,  but  his	credentials to the system will be pre-
		   sented as the ones for username,  i.e.,  his	 login	class,
		   home	 directory,  resource limits, etc. will	be set to ones
		   defined for username.

		   If this option is omitted, and there	is no username in  the
		   system  databases  equal to the supplied one	(as determined
		   by call to getpwnam(3)), the	authentication will fail.

       no_reply_message
		   suppress printing of	the contents of	any Reply-Message  at-
		   tributes  found  in	Access-Accept  and  Access-Reject  re-
		   sponses.  These are normally	conveyed to the	user as	either
		   informational or error messages, depending on  whether  the
		   access request was accepted or rejected.

       no_warn	   suppress  warning messages to the user.  These messages in-
		   clude reasons why the user's	authentication attempt was de-
		   clined.

FILES
       /etc/radius.conf	 The standard RADIUS  client  configuration  file  for
			 pam_radius

SEE ALSO
       pam(3), passwd(5), radius.conf(5)

HISTORY
       The  pam_radius	module	first appeared in FreeBSD 3.1.	The pam_radius
       manual page first appeared in FreeBSD 3.3.

AUTHORS
       The  pam_radius	manual	page   was   written   by   Andrzej   Bialecki
       <abial@FreeBSD.org>.

       The pam_radius module was written by John D. Polstra <jdp@FreeBSD.org>.

FreeBSD	14.3			 May 16, 2018			 PAM_RADIUS(8)

Want to link to this manual page? Use this URL:
<https://man.freebsd.org/cgi/man.cgi?query=pam_radius&sektion=8&manpath=FreeBSD+14.3-RELEASE+and+Ports>

home | help