1 .\" # DS - begin display
13 .TH rlm_digest 5 "31 March 2005" "" "FreeRADIUS Module"
15 rlm_digest \- FreeRADIUS Module
17 The \fIrlm_digest\fP module authenticates RADIUS Access-Request
18 packets that contain Cisco SIP digest authentication attributes. The
19 module should be listed in the \fIauthorize\fP and \fIauthenticate\fP
20 sections of \fIradiusd.conf\fP.
22 The digest module requires no additional configuration items. When it
23 is being used to authenticate requests, however, it does require
24 access to the clear-text password for the user. Hashed passwords are
25 not acceptable, and will not work.
27 Add the following lines to the top of your 'raddb/users' file:
32 test Auth-Type := Digest, User-Password = "test"
34 Reply-Message = "Hello, test with digest"
39 Once the server has been started (debugging mode is recommended),
40 use '\fIradclient\fP to send the following packet to the server:
43 $ radclient -f digest localhost auth testing123
46 Where 'digest' is a file containing:
51 Digest-Response = "631d6d73147add2f9e437f59bbc3aeb7",
53 Digest-Realm = "testrealm",
55 Digest-Nonce = "1234abcd",
57 Digest-Method = "INVITE",
59 Digest-URI = "sip:5555551212@example.com",
61 Digest-Algorithm = "MD5",
63 Digest-User-Name = "test",
65 Message-Authenticator = ""
68 You should see the authentication succeed.
75 .I /etc/raddb/radiusd.conf,
76 .I draft-sterman-aaa-sip-00.txt
79 Alan DeKok <aland@ox.org>