Radius Authentication⚓︎
note:Radius Authentication is a feature of JumpServer Enterprise Edition
tip
- Use radius users as JumpServer login users.⚓︎
1 Operation process⚓︎
- Modify JumpServer configuration file and enable Radius authentication.
vi /opt/jumpserver/config/config.txt
AUTH_RADIUS=True
RADIUS_SERVER=127.0.0.1
RADIUS_PORT=1812
RADIUS_SECRET=radius_secret
- After completing the modifications, save and restart JumpServer.
2 Parameter Description⚓︎
- Radius Parameters Description:
name | explain |
---|---|
RADIUS_SERVER |
IP of Radius server |
RADIUS_PORT |
Service port of Radius |
RADIUS_SECRET |
Pre shared key for radius server |
OTP_IN_RADIUS |
Use dynamic password, which can be combined with ldap. Note that radius authentication needs to be disabled |
SECRET
offreeradius
is configured in clients.conf.SECRET
of Cisco can be obtained from theShared Secret
in theRADIUS Authentication Settings
section of the web page.SECRET
of Huawei can be obtained from theShared Secret
in theAuthentication Options
section of the web page.- For other manufacturers, please consult the relevant manufacturer on your own.
- Example:
AUTH_RADIUS=True
RADIUS_SERVER=47.98.186.18
RADIUS_PORT=1812
RADIUS_SECRET=testing123
- Dynamic password authentication:
AUTH_RADIUS=True
RADIUS_SERVER=47.98.186.18
RADIUS_PORT=1812
RADIUS_SECRET=testing123
OTP_IN_RADIUS=True