Skip to content

Radius Authentication⚓︎

note:Radius Authentication is a feature of JumpServer Enterprise Edition

tip

- Use radius users as JumpServer login users.⚓︎

1 Operation process⚓︎

  • Modify JumpServer configuration file and enable Radius authentication.

vi /opt/jumpserver/config/config.txt

AUTH_RADIUS=True
RADIUS_SERVER=127.0.0.1
RADIUS_PORT=1812
RADIUS_SECRET=radius_secret

  • After completing the modifications, save and restart JumpServer.

2 Parameter Description⚓︎

  • Radius Parameters Description:
name explain
RADIUS_SERVER IP of Radius server
RADIUS_PORT Service port of Radius
RADIUS_SECRET Pre shared key for radius server
OTP_IN_RADIUS Use dynamic password, which can be combined with ldap. Note that radius authentication needs to be disabled
  • SECRET of freeradius is configured in clients.conf.
  • SECRET of Cisco can be obtained from the Shared Secret in the RADIUS Authentication Settings section of the web page.
  • SECRET of Huawei can be obtained from the Shared Secret in the Authentication Options section of the web page.
  • For other manufacturers, please consult the relevant manufacturer on your own.
  • Example:
AUTH_RADIUS=True
RADIUS_SERVER=47.98.186.18
RADIUS_PORT=1812
RADIUS_SECRET=testing123
  • Dynamic password authentication:
AUTH_RADIUS=True
RADIUS_SERVER=47.98.186.18
RADIUS_PORT=1812
RADIUS_SECRET=testing123
OTP_IN_RADIUS=True