mirror of
https://github.com/ntop/ntopng.git
synced 2026-04-29 15:39:33 +00:00
21 lines
946 B
Text
21 lines
946 B
Text
RADIUS authentication can be enabled from the ntopng preferences page.
|
|
|
|
ntopng will request an Access-Request to a radius server and, if an Access-Accept
|
|
is returned, the user will be authenticated.
|
|
|
|
In order to distinguish between admin and normal users, a `Filter-Id` attribute is
|
|
used https://tools.ietf.org/html/rfc2865#section-5.11 . The `Filter-Id` for admin
|
|
users should correspond to the `RADIUS Admin Group` set into the ntopng RADIUS preferences.
|
|
|
|
# Setting up a FreeRadius server
|
|
|
|
Check out https://www.packet6.com/install-freeradius-ubuntu-server . `testing123` is the default
|
|
secret for localhost. In order to set up the Filter-Id attribute for a user, the following lines should be added to `/etc/freeradius/users`
|
|
|
|
```
|
|
testuser Cleartext-Password := "Password123"
|
|
Filter-Id = "ntopAdmin"
|
|
```
|
|
|
|
In order for authentication to work properly, testuser must actually exist as a Linux user
|
|
in the system where FreeRadius is installed.
|