radius(8) nnrpd RADIUS password authenticator


radius [-h] [-f config]


radius is an nnrpd authenticator, accepting a username and password from nnrpd (given to nnrpd by a reader connection) and attempting to authenticate that username and password against a RADIUS server. See readers.conf(5) for more information on how to configure an nnrpd authenticator. It is useful for a site that already does user authentication via RADIUS and wants to authenticate news reading connections as well.

By default, radius reads pathetc/inn-radius.conf for configuration information, but a different configuration file can be specified with -f. See inn-radius.conf(5) for a description of the configuration file.


-f config
Read config instead of pathetc/inn-radius.conf for configuration information.
Print out a usage message and exit.


The following readers.conf(5) fragment tells nnrpd to authenticate all connections using this authenticator:

    auth radius {
        auth: radius
        default: <FAIL>
        default-domain: example.com

"@example.com" will be appended to the user-supplied identity, and if RADIUS authentication fails, the user will be assigned an identity of "<FAIL>@example.com".


It has been reported that this authenticator doesn't work with Ascend RADIUS servers, but does work with Cistron RADIUS servers. It's also believed to work with Livingston's RADIUS server. Contributions to make it work better with different types of RADIUS servers would be gratefully accepted.

This code has not been audited against the RADIUS protocol and may not implement it correctly.


The RADIUS authenticator was originally written by Aidan Cully. This documentation was written by Russ Allbery <[email protected]>.

$Id: radius.pod 9940 2015-09-04 12:58:15Z iulius $