簡介
Radius Server提供多種身分驗證的方法,Freeradius Server is an opensource software
目的
這次主要想找EAP-AKA的packet範本
材料
Fedora 12
freeradius-server-2.2.1.tar.gz
freeradius-2.2.1_eap-sim-aka-0.1.patch
安裝
- 解壓
tar -zxvf freeradius-server-2.2.1.tar.gz
- patch
patch -p1 < freeradius-2.2.1_eap-sim-aka-0.1.patch
會有一些FAIL,跳過它哈哈
- setup
yum install openssl-devel
cd freeradius-server-2.2.1
./configure
make
make install
感覺沒什麼問題
- Start radius
radiusd -X
- Simple Test
這時候可以先做一個簡單的測試cd /usr/local/etc/raddb/
在users最前面增加一組帳密testaccount Cleartext-Password := "testpassword"
在clients.conf裡增加一個用戶 client 192.168.7.0 { secret = testing1 shortname = testing2 netmask=24}
執行 radtest testaccount testpassword 192.168.7.XX 1812 testing1
如果有收到 Access-Accept就成功^^
- build rlm_sim-file.so
cd ./src/modules/rlm_sim_files/
make
會有error 找不到tripbuf 所以我補上
char tripbuf[sizeof("232420100000015,30000000000000000000000000000000,30112233,445566778899AABB")*2];
再重新make就會產生rlm_sim_files-2.2.1.so
- copy to local lib and rename
cp ./.libs/rlm_sim_files-2.2.1.so /usr/local/lib/rlm_sim-file.so
- create simtriplets.dat
vim /usr/local/etc/raddb/simtriplets.dat
# IMSI RAND SRES KcSIM,1262074920549791,64BC736EF7684de1921F9C9C0E0679E2,0B7e4e4b,D2119f41D8840400SIM,1262074920549791,97D0C531F2A84000ACB5E4F966157908,181c8ac1,E2f6976a226bc800SIM,1262074920549791,1E4FD2861D0848a499C91162234B255C,211056b1,8Bbdd2385B3a0400#SIM,0262074920549791,64BC736EF7684de1921F9C9C0E0679E2,0B7e4e4b,D2119f41D8840400SIM,0262074920549791,97D0C531F2A84000ACB5E4F966157908,181c8ac1,E2f6976a226bc800SIM,0262074920549791,1E4FD2861D0848a499C91162234B255C,211056b1,8Bbdd2385B3a0400
# IMSI RAND RES AUTN IK CKAKA,0262073961704408,9FDDC72092C6AD036B6E464789315B78,F553BBC042452202,478412477BFF61DFD5BE5A85664C0820,359CF
- create sim_files
vim /usr/local/etc/raddb/modules/sim_filles
sim_files { simtriplets = "cd /usr/local/etc/raddb/simtriplets.dat"}
# IMSI RAND RES AUTN IK CKAKA,0262073961704408,9FDDC72092C6AD036B6E464789315B78,F553BBC042452202,478412477BFF61DFD5BE5A85664C0820,359CF
沒有留言:
張貼留言