bionic (5) rlm_digest.5.gz

Provided by: freeradius-common_3.0.16+dfsg-1ubuntu3.2_all bug

NAME

       rlm_digest - FreeRADIUS Module

DESCRIPTION

       The  rlm_digest  module  authenticates  RADIUS  Access-Request  packets  that  contain  Cisco  SIP digest
       authentication attributes.  The module should be listed in the authorize  and  authenticate  sections  of
       radiusd.conf.

CONFIGURATION

       The  digest  module  requires  no  additional configuration items.  When it is being used to authenticate
       requests, however, it does require access to the clear-text password for the user.  Hashed passwords  are
       not acceptable, and will not work.

EXAMPLES

       Add the following lines to the top of your 'raddb/users' file:

       #---
       test Auth-Type := Digest, User-Password = "test"
            Reply-Message = "Hello, test with digest"
       #---

       Once  the  server  has been started (debugging mode is recommended), use 'radclient to send the following
       packet to the server:

       $  radclient -f digest localhost auth testing123

       Where 'digest' is a file containing:

         User-Name = "test",
         Digest-Response = "631d6d73147add2f9e437f59bbc3aeb7",
         Digest-Realm = "testrealm",
         Digest-Nonce = "1234abcd",
         Digest-Method = "INVITE",
         Digest-URI = "sip:5555551212@example.com",
         Digest-Algorithm = "MD5",
         Digest-User-Name = "test",
         Message-Authenticator = ""

       You should see the authentication succeed.

SECTIONS

       authorize, authenticate

FILES

       /etc/freeradius/3.0/radiusd.conf, draft-sterman-aaa-sip-00.txt

AUTHOR

       Alan DeKok <aland@ox.org>

                                                  31 March 2005                                    rlm_digest(5)