Provided by: radiusd-livingston_2.1-21_amd64 
NAME
radiusd - RADIUS authentication/accounting server
SYNOPSIS
radiusd [-a DIR] [-b] [-d DIR] [-h] [-f FILE] [-i IP_ADDRESS] [-l FILE] [-o] [-p NUM] [-q NUM] [-s]
[-t NUM] [-v] [-w NUM] [-x]
DESCRIPTION
radiusd is the RADIUS authentication and accounting server.
OPTIONS
-a DIR Set the directory for RADIUS accounting logs to DIR. The default location is /var/log/radiusd-
livingston.
-b Use users DB database file /etc/radiusd-livingston/users.db rather than the flat text file
/etc/radiusd-livingston/users. builddbm(8) may be used to create this database file.
-d DIR Set the database directory to DIR, rather than the default /etc/radiusd-livingston.
-f FILE
Use FILE as a password file instead of using getpwnam(3) calls for "System" type authentication.
-h Show summary of options.
-i IP_ADDR
Bind the RADIUS server to IP_ADDR address, rather than accepting for all IP addresses on the local
machine.
-l FILE
Log to FILE rather than the default behaviour of logging through syslog.
If debugging is set, the default behaviour is to log to /dev/tty and setting -l syslog in this
case only will log through syslog.
-p NUM Sets the listening port of radiusd to NUM for access requests, NUM+1 for accounting requests,
NUM+5 and NUM+6 for handling proxy requests. The default is to use the entries radius, radacct,
radius-proxy, and radacct-proxy in /etc/services or 1645, 1646, 1815 and 1816 respectively.
(Debian's /etc/services has radius as 1812 and radacct as 1813 in accordance with the RFCs, but
has no entries for proxy services.) Most RADIUS clients default to 1645 and 1646, even though that
is at variance with the RFCs.
-o Accept all-zero accounting request authenticators.
The -o flag is provided for backwards compatibility with non-compliant RADIUS clients. If radiusd
is run with the -o flag, it logs unsigned accounting records, and flags them with "Request-
Authenticator = None". If radiusd is run without the -o flag, it does not log unsigned accounting
records.
-q NUM Set the maximum number of outstanding requests (default 100), setting a limit on the number of
child processes radiusd will spawn off to handle authentication.
-s Single process mode. When set radiusd does not fork off a separate accounting server, and does not
fork off separate authentication responders for each authentication request. This mode is needed
if you wish to use the Virtual Ports feature.
-t NUM Set the maximum time in seconds for a child authentication responder to live to NUM. This catches
responders that have become unresponsive. The default is 30 seconds.
-v Print version number of radiusd on standard error.
-w NUM Sets the maximum time in seconds for the proxy server to wait for a response before discarding the
request to NUM. The default is 30 seconds.
-x Debug mode.
SIGNALS
SIGUSR1
Increment debugging level.
SIGUSR2
Disables debugging.
SIGHUP is ignored. Changes to the clients and proxy files are automatically noticed and acted upon. There
is no need to tell radiusd to reread them.
FILES
/etc/radiusd-livingston/dictionary
RADIUS dictionary. /etc/radiusd-livingston/clients List of RADIUS clients and their shared
secrets.
/etc/radiusd-livingston/proxy
Proxy configuration.
/etc/radiusd-livingston/users
RADIUS users database (plain ASCII format)
/etc/radiusd-livingston/users.db
RADIUS users database (Berkeley DB 2.x format), made by builddbm
/var/log/radiusd-livingston/CLIENT/details
RADIUS accounting logs for CLIENT.
AUTHOR
radiusd is copyright 1999 Lucent Technologies Inc. All rights reserved.
This manual page was written by Paul Martin <pm@debian.org>, for the Debian GNU/Linux system (but may be
used by others).
SEE ALSO
builddbm(8), db_intro(3)
RADIUSD(8)