Chapter 9: RADIUS Services for Linux
In this chapter, we'll cover Remote Authentication Dial-In User Service (RADIUS), one of the main methods of authenticating services over a network. We'll implement FreeRADIUS on our server, link it to a backend Lightweight Directory Access Protocol (LDAP)/Secure LDAP (LDAPS) directory, and use it to authenticate access to various services on the network.
In particular, we'll cover the following topics:
- RADIUS basics—what is RADIUS and how does it work?
- Implementing RADIUS with local Linux authentication
- RADIUS with LDAP/LDAPS backend authentication
- Unlang—the unlanguage
- RADIUS use-case scenarios
- Using Google Authenticator for multi-factor authentication (MFA) with RADIUS
