SHARE
TWEET

Untitled

a guest Jan 22nd, 2020 55 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. #
  2. #   Configuration file for the rlm_files module.
  3. #   Please see rlm_files(5) manpage for more information.
  4. #
  5. #   This file contains authentication security and configuration
  6. #   information for each user.  Accounting requests are NOT processed
  7. #   through this file.  Instead, see 'accounting', in this directory.
  8. #
  9. #   The first field is the user's name and can be up to
  10. #   253 characters in length.  This is followed (on the same line) with
  11. #   the list of authentication requirements for that user.  This can
  12. #   include password, comm server name, comm server port number, protocol
  13. #   type (perhaps set by the "hints" file), and huntgroup name (set by
  14. #   the "huntgroups" file).
  15. #
  16. #   If you are not sure why a particular reply is being sent by the
  17. #   server, then run the server in debugging mode (radiusd -X), and
  18. #   you will see which entries in this file are matched.
  19. #
  20. #   When an authentication request is received from the comm server,
  21. #   these values are tested. Only the first match is used unless the
  22. #   "Fall-Through" variable is set to "Yes".
  23. #
  24. #   A special user named "DEFAULT" matches on all usernames.
  25. #   You can have several DEFAULT entries. All entries are processed
  26. #   in the order they appear in this file. The first entry that
  27. #   matches the login-request will stop processing unless you use
  28. #   the Fall-Through variable.
  29. #
  30. #   Indented (with the tab character) lines following the first
  31. #   line indicate the configuration values to be passed back to
  32. #   the comm server to allow the initiation of a user session.
  33. #   This can include things like the PPP configuration values
  34. #   or the host to log the user onto.
  35. #
  36. #   You can include another `users' file with `$INCLUDE users.other'
  37.  
  38. #
  39. #   For a list of RADIUS attributes, and links to their definitions,
  40. #   see: http://www.freeradius.org/rfc/attributes.html
  41. #
  42. #   Entries below this point are examples included in the server for
  43. #   educational purposes. They may be deleted from the deployed
  44. #   configuration without impacting the operation of the server.
  45. #
  46.  
  47. #
  48. # Deny access for a specific user.  Note that this entry MUST
  49. # be before any other 'Auth-Type' attribute which results in the user
  50. # being authenticated.
  51. #
  52. # Note that there is NO 'Fall-Through' attribute, so the user will not
  53. # be given any additional resources.
  54. #
  55. #lameuser   Auth-Type := Reject
  56. #       Reply-Message = "Your account has been disabled."
  57.  
  58. #
  59. # Deny access for a group of users.
  60. #
  61. # Note that there is NO 'Fall-Through' attribute, so the user will not
  62. # be given any additional resources.
  63. #
  64. #DEFAULT    Group == "disabled", Auth-Type := Reject
  65. #       Reply-Message = "Your account has been disabled."
  66. #
  67.  
  68. #
  69. # This is a complete entry for "steve". Note that there is no Fall-Through
  70. # entry so that no DEFAULT entry will be used, and the user will NOT
  71. # get any attributes in addition to the ones listed here.
  72. #
  73. #steve  Cleartext-Password := "testing"
  74. #   Service-Type = Framed-User,
  75. #   Framed-Protocol = PPP,
  76. #   Framed-IP-Address = 172.16.3.33,
  77. #   Framed-IP-Netmask = 255.255.255.0,
  78. #   Framed-Routing = Broadcast-Listen,
  79. #   Framed-Filter-Id = "std.ppp",
  80. #   Framed-MTU = 1500,
  81. #   Framed-Compression = Van-Jacobsen-TCP-IP
  82.  
  83. #
  84. # The canonical testing user which is in most of the
  85. # examples.
  86. #
  87. #bob    Cleartext-Password := "hello"
  88. #   Reply-Message := "Hello, %{User-Name}"
  89. #
  90.  
  91. #
  92. # This is an entry for a user with a space in their name.
  93. # Note the double quotes surrounding the name.  If you have
  94. # users with spaces in their names, you must also change
  95. # the "filter_username" policy to allow spaces.
  96. #
  97. # See raddb/policy.d/filter, filter_username {} section.
  98. #
  99. #"John Doe" Cleartext-Password := "hello"
  100. #       Reply-Message = "Hello, %{User-Name}"
  101.  
  102. #
  103. # Dial user back and telnet to the default host for that port
  104. #
  105. #Deg    Cleartext-Password := "ge55ged"
  106. #   Service-Type = Callback-Login-User,
  107. #   Login-IP-Host = 0.0.0.0,
  108. #   Callback-Number = "9,5551212",
  109. #   Login-Service = Telnet,
  110. #   Login-TCP-Port = Telnet
  111.  
  112. #
  113. # Another complete entry. After the user "dialbk" has logged in, the
  114. # connection will be broken and the user will be dialed back after which
  115. # he will get a connection to the host "timeshare1".
  116. #
  117. #dialbk Cleartext-Password := "callme"
  118. #   Service-Type = Callback-Login-User,
  119. #   Login-IP-Host = timeshare1,
  120. #   Login-Service = PortMaster,
  121. #   Callback-Number = "9,1-800-555-1212"
  122.  
  123. #
  124. # user "swilson" will only get a static IP number if he logs in with
  125. # a framed protocol on a terminal server in Alphen (see the huntgroups file).
  126. #
  127. # Note that by setting "Fall-Through", other attributes will be added from
  128. # the following DEFAULT entries
  129. #
  130. #swilson    Service-Type == Framed-User, Huntgroup-Name == "alphen"
  131. #       Framed-IP-Address = 192.0.2.65,
  132. #       Fall-Through = Yes
  133.  
  134. #
  135. # If the user logs in as 'username.shell', then authenticate them
  136. # using the default method, give them shell access, and stop processing
  137. # the rest of the file.
  138. #
  139. #DEFAULT    Suffix == ".shell"
  140. #       Service-Type = Login-User,
  141. #       Login-Service = Telnet,
  142. #       Login-IP-Host = your.shell.machine
  143.  
  144.  
  145. #
  146. # The rest of this file contains the several DEFAULT entries.
  147. # DEFAULT entries match with all login names.
  148. # Note that DEFAULT entries can also Fall-Through (see first entry).
  149. # A name-value pair from a DEFAULT entry will _NEVER_ override
  150. # an already existing name-value pair.
  151. #
  152.  
  153. #
  154. # Set up different IP address pools for the terminal servers.
  155. # Note that the "+" behind the IP address means that this is the "base"
  156. # IP address. The Port-Id (S0, S1 etc) will be added to it.
  157. #
  158. #DEFAULT    Service-Type == Framed-User, Huntgroup-Name == "alphen"
  159. #       Framed-IP-Address = 192.0.2.32+,
  160. #       Fall-Through = Yes
  161.  
  162. #DEFAULT    Service-Type == Framed-User, Huntgroup-Name == "delft"
  163. #       Framed-IP-Address = 198.51.100.32+,
  164. #       Fall-Through = Yes
  165.  
  166. #
  167. # Sample defaults for all framed connections.
  168. #
  169. #DEFAULT    Service-Type == Framed-User
  170. #   Framed-IP-Address = 255.255.255.254,
  171. #   Framed-MTU = 576,
  172. #   Service-Type = Framed-User,
  173. #   Fall-Through = Yes
  174.  
  175. #
  176. # Default for PPP: dynamic IP address, PPP mode, VJ-compression.
  177. # NOTE: we do not use Hint = "PPP", since PPP might also be auto-detected
  178. #   by the terminal server in which case there may not be a "P" suffix.
  179. #   The terminal server sends "Framed-Protocol = PPP" for auto PPP.
  180. #
  181. DEFAULT Framed-Protocol == PPP
  182.     Framed-Protocol = PPP,
  183.     Framed-Compression = Van-Jacobson-TCP-IP
  184.  
  185. #
  186. # Default for CSLIP: dynamic IP address, SLIP mode, VJ-compression.
  187. #
  188. DEFAULT Hint == "CSLIP"
  189.     Framed-Protocol = SLIP,
  190.     Framed-Compression = Van-Jacobson-TCP-IP
  191.  
  192. #
  193. # Default for SLIP: dynamic IP address, SLIP mode.
  194. #
  195. DEFAULT Hint == "SLIP"
  196.     Framed-Protocol = SLIP
  197.  
  198. #
  199. # Last default: rlogin to our main server.
  200. #
  201. #DEFAULT
  202. #   Service-Type = Login-User,
  203. #   Login-Service = Rlogin,
  204. #   Login-IP-Host = shellbox.ispdomain.com
  205.  
  206. # #
  207. # # Last default: shell on the local terminal server.
  208. # #
  209. # DEFAULT
  210. #   Service-Type = Administrative-User
  211.  
  212.  
  213. # On no match, the user is denied access.
  214.  
  215.  
  216. #########################################################
  217. # You should add test accounts to the TOP of this file! #
  218. # See the example user "bob" above.                     #
  219. #########################################################
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
Top