RADIUS (Remote Authentication Dial in User Service)
RADIUS (Remote Authentication Dial In User Service), defined in RFC 2865, is a protocol for remote user authentication and accounting.
RADIUS enables centralized management of authentication data, such as usernames and passwords.
When a user attempts to login to a RADIUS client, such as a router, the router send the authentication request to the RADIUS server. The communication between the RADIUS client and the RADIUS server are authenticated and encrypted through the use of a shared secret, which is not transmitted over the network.
The RADIUS server may store the authentication data locally, but it can also store authentication data in an external SQL database or an external Unix /etc/passwd file. The RADIUS server can also plug into a PAM (Pluggable Authentication Service) architecture to retrieve authentication data.
The role of the RADIUS server as the centralized authentication server makes is an excellent choice for also performing accounting.
RADIUS can significantly increase security by enabling the centralization of password management. Of course, the other side of that argument is that once you take over the RADIUS server, you have everything.
RADIUS servers are available from many vendors. In addition, GNU RADIUS is an excellent non-commercial option.
RADIUS utilizes the MD5 algorithm for secure password hashing.
RADIUS is the de facto authentication provider in 802.11i wireless networks.
|
|
Comments
Leave a Reply
- How Internet Authentication Service (IAS) works
Internet Authentication Service (IAS) is Microsoft's implementation of a RADIUS (Remote Authentication Dial-in User Service) server and proxy. As a RADIUS server, IAS performs centralized connection authentication, authorization, and accounting for many types of network access, including wireless and VPN (Virtual Private Network) connections. As a RADIUS proxy, IAS forwards authentication and accounting messages to [...]...
- RADIUS Server
RADIUS (Remote Authentication Dial In User Service) is a system procedure that offers centralized entrance, approval, as well as accounting administration for individuals or computers to add and utilize a network service. Individuals often need “Authentication” when they try to fix to a network. People have to face far more problems while connecting their computers [...]...
- Windows Remote Access
Windows Remote Access is a set of components which allow remote users to access centralized computing resources. Windows Remote Access consists of the following components: Remote Access Clients Computers which are running a Windows operating system creates either a dial-up or virtual private network connection to the remote access server. The remote access client can [...]...
- PPP Authentication Protocols
Windows Server 2003 and Windows XP support the following PPP authentication protocols: PAP or Password Authentication Protocol The oldest forms of authentication schemes used where the user credential are sent in plain text. This is not the securest form of passing authentication credentials as anybody can use a third party sniffer program and capture these [...]...
- Pluggable Authentication Modules
A Pluggable Authentication Module, or PAM, is a software implementation that allows administrators to significantly change how users log into a server by running a PAM on the server itself. PAMs are used to provide authentication of users as well as perform any tasks that are associated with initializing or terminating the session, such as [...]...
Dear all,
Any one guide me to configure Radius server in ubuntu system for WIFI