[ < ] [ > ]   [ << ] [ Up ] [ >> ]         [Top] [Contents] [Index] [ ? ]

14.3.5 Auth-Type

 
ATTRIBUTE Auth-Type 1000 integer
Users: L-
Hints: -R
Huntgroups: -R
Additivity: Append
Proxy propagated: No

 
VALUE      Auth-Type         Local                0       
VALUE      Auth-Type         System               1       
VALUE      Auth-Type         Crypt-Local          3       
VALUE      Auth-Type         Reject               4       
VALUE      Auth-Type         SQL                  252     
VALUE      Auth-Type         Pam                  253     
VALUE      Auth-Type         Accept               254

This attribute tells the server which type of authentication to apply to a particular user. It can be used in the LHS of the user's profile (see section 7. Authentication.)

Radius interprets values of Auth-Type attribute as follows:

Local
The value of the User-Password attribute from the record is taken as a cleantext password and is compared against the User-Password value from the input packet.

System
This means that a user's password is stored in a system password type. Radius queries the operating system to determine if the user name and password supplied in the incoming packet are O.K.

Crypt-Local
The value of the User-Password attribute from the record is taken as an MD5 hash on the user's password. Radius generates MD5 hash on the supplied User-Password value and compares the two strings.

Reject
Authentication fails.

Accept
Authentication succeeds.

SQL
Mysql
The MD5-encrypted user's password is queried from the SQL database (7.6 SQL Authentication Type). Mysql is an alias maintained for compatibility with other versions of Radius.

Pam
The user-name--password combination is checked using PAM.


This document was generated by Sergey Poznyakoff on November, 20 2004 using texi2html