Provided by: freeradius-common_2.1.8+dfsg-1ubuntu1_all bug


       rlm_digest - FreeRADIUS Module


       The  rlm_digest module authenticates RADIUS Access-Request packets that
       contain Cisco SIP digest authentication attributes.  The module  should
       be listed in the authorize and authenticate sections of radiusd.conf.


       The  digest module requires no additional configuration items.  When it
       is being used to authenticate requests, however, it does require access
       to  the  clear-text  password  for  the user.  Hashed passwords are not
       acceptable, and will not work.


       Add the following lines to the top of your ’raddb/users’ file:

              test Auth-Type := Digest, User-Password = "test"
                   Reply-Message = "Hello, test with digest"

       Once the server has been started (debugging mode is  recommended),  use
       ’radclient to send the following packet to the server:

              $  radclient -f digest localhost auth testing123

       Where ’digest’ is a file containing:

                User-Name = "test",
                Digest-Response = "631d6d73147add2f9e437f59bbc3aeb7",
                Digest-Realm = "testrealm",
                Digest-Nonce = "1234abcd",
                Digest-Method = "INVITE",
                Digest-URI = "",
                Digest-Algorithm = "MD5",
                Digest-User-Name = "test",
                Message-Authenticator = ""

       You should see the authentication succeed.


       authorize, authenticate


       /etc/raddb/radiusd.conf, draft-sterman-aaa-sip-00.txt


       Alan DeKok <>

                                 31 March 2005                   rlm_digest(5)