XC06 Installation and Operation of freeRadius (2 Days)
In this course the students will learn about Radius authentication
systems, using the Freeradius product.
FreeRADIUS is an Internet authentication daemon which implements
the RADIUS protocol, as defined in RFC 2865 (and others). It allows
Network Access Servers (NAS boxes) to perform authentication for
dial-up users, and dial-up-like users. Recently, this has started to include
authenticating users at 802.11 hotspots using the 802.1x protocols.
There are also RADIUS clients available for Web servers, firewalls, Unix
systems, and more. Using RADIUS allows authentication and authorization for a
network to be centralized, and minimizes the amount of re-configuration which
has to be done when adding or deleting new users.
Radius does not replace Kerberos, public key infrastructures, Windows
domain controllers or other enterprise focused systems. Rather, it typically
is used for interacting, authenticating and billing customers.
At the end of the course the students will be able to install
and configure a new system as a radius server. The focus is on the radius
protocol and what the freeradius server does - its theory of operation.
Emphasis will be placed on how to configure it, and when each method
is appropriate.
Authentication methods may include username/password, X9.9, S/KEY-OTP or
EAP methods. Authentication sources will be /etc/passwd, flat files, and
MySQL. LDAP will not be covered in this course.
This is a hands on course.
Prerequisites:
- Linux Systems Administration
- TCP/IP Networking
- Experience with some form of internet access provider
