radiusd_radius —
provide authentication from upstream RADIUS
servers
The radiusd_radius utility is executed by
radiusd(8) as a module to provide authentication from
upstream RADIUS servers.
The radiusd_radius supports the following
configuration key and value:
server
address[:port]- Specify the upstream server's address and port. If
port is omitted, 1812 is used. This configuration
can be specified multiple times.
secret
secret- Specify the shared secret with the servers. This configuration cannot be
omitted.
max-tries
number- Specify the maximum number of retransmissions for a server.
radiusd(8) will retransmit 2, 6, 14, 22, and 30 seconds
after the first transmission and subsequent retransmissions will occur
every 8 seconds. If the number of retransmissions per server reaches this
value, the current server is marked as “fail”, and the next
server is used for subsequent requests. The default value is 3.
max-failovers
number- If a positive number is specified, radiusd(8) will
failover to the next server when the current server is marked
“fail”. This key and value specifies the maximum number of
failovers. The default value is 0.
request-timeout
sec- Specify the request timeout in seconds. If this value is specified,
max-tries and max-failover
will not be used.
- /usr/libexec/radiusd/radiusd_radius
- “radius” module executable.
The radiusd_radius module first appeared
in OpenBSD 5.8.