Provided by: freeradius-common_3.2.3+dfsg-2_all bug

NAME

       rlm_digest - FreeRADIUS Module

DESCRIPTION

       The  rlm_digest  module authenticates RADIUS Access-Request packets that contain Cisco SIP
       digest authentication attributes.  The module  should  be  listed  in  the  authorize  and
       authenticate sections of radiusd.conf.

CONFIGURATION

       The  digest  module  requires no additional configuration items.  When it is being used to
       authenticate requests, however, it does require access to the clear-text password for  the
       user.  Hashed passwords are not acceptable, and will not work.

EXAMPLES

       Add the following lines to the top of your 'raddb/users' file:

       #---
       test Auth-Type := Digest, User-Password = "test"
            Reply-Message = "Hello, test with digest"
       #---

       Once  the  server has been started (debugging mode is recommended), use 'radclient to send
       the following packet to the server:

       $  radclient -f digest localhost auth testing123

       Where 'digest' is a file containing:

         User-Name = "test",
         Digest-Response = "631d6d73147add2f9e437f59bbc3aeb7",
         Digest-Realm = "testrealm",
         Digest-Nonce = "1234abcd",
         Digest-Method = "INVITE",
         Digest-URI = "sip:5555551212@example.com",
         Digest-Algorithm = "MD5",
         Digest-User-Name = "test",
         Message-Authenticator = ""

       You should see the authentication succeed.

SECTIONS

       authorize, authenticate

FILES

       /etc/freeradius/3.0/radiusd.conf, draft-sterman-aaa-sip-00.txt

AUTHOR

       Alan DeKok <aland@ox.org>

                                          31 March 2005                             rlm_digest(5)