GSP
Quick Navigator
Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages
RAD-CLIENT(1) User Contributed Perl Documentation RAD-CLIENT(1)

rad-client - A command line RADIUS client

    rad-client --secret secret --server server --dictionary dictfile ... 
    [--attempts n] [--timeout t] [--port port] [--code packet-code] 
    [--authenticator packet-authenticator] [--identifier id] [--prompt]
    [--attributes file] [--nowait] [--dump-request] [--quiet] [--help]
    attributes...

"rad-client" is a command-line RADIUS client that is expected to be flexible enough so as to allow for testing of servers and automating monitoring scripts. This script ships as part of Net::Radius::Server(3).

Basically, this script will craft a RADIUS packet, send it to the specified server and wait for a response (unless --nowait is specified, see below).

The following options are supported (Options can be shortened - See Getopt::Long(3)):

Specify the number of attempts to send the RADIUS packet to the server. This defaults to the magical number, 3. Retransmissions are reported to "STDERR" unless --quiet is specified.
How much to wait for an answer before retrying, in seconds. Defaults to 3 seconds. Timeouts are reported to "STDERR" unless --quiet is specified.
Causes "rad-client" to forego waiting for the response. This may be useful for some test scenarios. No retransmissions occur when this option is specified, so only one packet is sent.
Surprisingly, the server address to which to send the RADIUS packets.
Correct. This is the server port where RADIUS packets should be sent. Defaults to 1812.
The RADIUS shared secret used for packet authentication.
Prompt the user and add a password-encoded RADIUS attribute to the request. By default, this works in the RADIUS attribute 2.
Specifies one or more dictionary files to use for crafting the RADIUS packet and for decoding the eventual response. Multiple files can be specified, causing the dictionaries to be loaded in order.
The RADIUS packet code. Defaults to 'Access-Request'.
Specifies the RADIUS packet authenticator. The authenticator defaults to a semi-random string composed of printable characters, which seems nice in the packet dumps.

Note that a great deal of the (limited) security of RADIUS depends on the use of strong authenticator strings, which should be random and unrelated to the request they're protecting. The implementation used in this script is NOT secure, as there is little randomness.

Specifies the RADIUS packet identifier. This defaults to a random number between 1 and 255.
Parse attributes from the given file, where they must be specified one per line. Comments following Perl syntax are allowed in said file. Additional attributes can be specified in the command line.

The special file "-" means, as expected, to read "STDIN".

Causes the packet that "rad-client" crafted to be dumped to "STDOUT" before sending it.
Supress warnings and indications.
Shows this documentation, then exits.

RADIUS attributes are specified either in the command line or in the file specified with the --attributes option, as follows:

  [vendor.]attribute=value

Where vendor and attribute are the labels specified in the dictionary.

If the packet code is 'Access-Request' (or another packet code requiring a password attribute), the special attributes 'Password' and 'User-Password' (with no vendor), will be encoded with the shared secret before sending the packet, as expected.

Any received packets will be dumped to "STDOUT" using "Net::Radius::Packet->dump".

    $Log$
    Revision 1.3  2006/11/15 00:08:46  lem
    rad-client can now prompt for attribute values...
    Revision 1.2  2006/11/09 16:24:05  lem
    Only encode User-Password on packet codes other than Access-Request
    Revision 1.1  2006/11/09 10:28:47  lem
    Added rad-client to the distribution

This code and all accompanying software comes with NO WARRANTY. You use it at your own risk.

This code and all accompanying software can be used freely under the same terms as Perl version 5.8.6 itself.

Luis E. Muñoz <luismunoz@cpan.org>

perl(1), Getopt::Long(3), Net::Radius::Server(3).

Hey! The above document had some coding errors, which are explained below:

Non-ASCII character seen before =encoding in 'Muñoz'. Assuming UTF-8
2009-09-20 perl v5.40.2
Search for    or go to Top of page |  Section 1 |  Main Index

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with ManDoc.