Configure RADIUS Authentication

When RADIUS is configured, Reflection for Secure IT transfers control of authentication to the RADIUS authentication server.

To configure the Reflection for Secure IT server

  1. Create the following file and set owner-only read and write access (permissions = 600).

    /etc/ssh2/radius_config

  2. Open this file in a text editor. Add a line for each RADIUS server that identifies the server, the port used for RADIUS on that server, and the shared secret required for RADIUS clients to authenticate to that server. For example:

    server1:1812:secret1

    server2:1812:secret2

    Note: RADIUS servers are contacted in order from top to bottom until a response to the authentication request is received.

  3. Open the server configuration file (/etc/ssh2/sshd2_config) in a text editor. Edit the following keywords:

    AllowedAuthentications=keyboard-interactive

    AuthKbdInt.Required=radius

    RadiusFile=/etc/ssh2/radius_config

To configure the client

  • Enable keyboard-interactive authentication. (This is the default for all Reflection for Secure IT clients.)

Related Topics

RADIUS Authentication