3 # specify which authentication comes first respectively which
4 # authentication is used. possible values are: "radius" and "local".
5 # if you specify "radius,local" then the RADIUS server is asked
6 # first then the local one. if only one keyword is specified only
7 # this server is asked.
10 # maximum login tries a user has (default 4)
13 # timeout for all login tries (default 60)
14 # if this time is exceeded the user is kicked out
17 # name of the nologin file which when it exists disables logins.
18 # it may be extended by the ttyname which will result in
19 # a terminal specific lock (e.g. /etc/nologin.ttyS2 will disable
20 # logins on /dev/ttyS2) (default /etc/nologin)
23 # name of the issue file. it's only display when no username is passed
24 # on the radlogin command line (default /etc/radiusclient/issue)
25 issue @pkgsysconfdir@/issue
29 # RADIUS server to use for authentication requests. this config
30 # item can appear more then one time. if multiple servers are
31 # defined they are tried in a round robin fashion if one
32 # server is not answering.
33 # optionally you can specify a the port number on which is remote
34 # RADIUS listens separated by a colon from the hostname. if
35 # no port is specified /etc/services is consulted of the radius
36 # service. if this fails also a compiled in default is used.
37 authserver localhost:1812
39 # RADIUS server to use for accouting requests. All that I
40 # said for authserver applies, too.
42 acctserver localhost:1813
44 # file holding shared secrets used for the communication
45 # between the RADIUS client and server
46 servers @pkgsysconfdir@/servers
48 # dictionary of allowed attributes and values
49 # just like in the normal RADIUS distributions
50 dictionary @pkgsysconfdir@/dictionary
52 # program to call for a RADIUS authenticated login
53 # (default /usr/sbin/login.radius)
54 login_radius @sbindir@/login.radius
56 # file which holds sequence number for communication with the
58 seqfile /var/run/radius.seq
60 # file which specifies mapping between ttyname and NAS-Port attribute
61 mapfile @pkgsysconfdir@/port-id-map
63 # default authentication realm to append to all usernames if no
64 # realm was explicitly specified by the user
65 # the radiusd directly form Livingston doesnt use any realms, so leave
69 # time to wait for a reply from the RADIUS server
72 # resend request this many times before trying the next server
77 # If supplied, this option will cause the client to send the given string
78 # as the contents of the NAS-Identifier attribute in RADIUS requests. No
79 # NAS-IP-Address attribute will be sent in this case.
81 # The default behavior is to send a NAS-IP-Address option and not send
82 # a NAS-Identifier. The value of the NAS-IP-Address option is chosen
83 # by resolving the system hostname.
85 # nas_identifier MyUniqueNASName
89 # program to execute for local login
90 # it must support the -f flag for preauthenticated login
91 login_local /bin/login