1 .TH rlm_digest 5 "31 March 2005" "" "FreeRADIUS Module"
3 rlm_digest \- FreeRADIUS Module
5 The \fIrlm_digest\fP module authenticates RADIUS Access-Request
6 packets that contain Cisco SIP digest authentication attributes. The
7 module should be listed in the \fIauthorize\fP and \fIauthenticate\fP
8 sections of \fIradiusd.conf\fP.
10 The digest module requires no additional configuration items. When it
11 is being used to authenticate requests, however, it does require
12 access to the clear-text password for the user. Hashed passwords are
13 not acceptable, and will not work.
15 Add the following lines to the top of your 'raddb/users' file:
20 test Auth-Type := Digest, User-Password = "test"
22 Reply-Message = "Hello, test with digest"
27 Once the server has been started (debugging mode is recommended),
28 use '\fIradclient\fP to send the following packet to the server:
31 $ radclient -f digest localhost auth testing123
34 Where 'digest' is a file containing:
39 Digest-Response = "631d6d73147add2f9e437f59bbc3aeb7",
41 Digest-Realm = "testrealm",
43 Digest-Nonce = "1234abcd",
45 Digest-Method = "INVITE",
47 Digest-URI = "sip:5555551212@example.com",
49 Digest-Algorithm = "MD5",
51 Digest-User-Name = "test",
53 Message-Authenticator = ""
56 You should see the authentication succeed.
63 .I /etc/raddb/radiusd.conf,
64 .I draft-sterman-aaa-sip-00.txt
67 Alan DeKok <aland@ox.org>