Configure RADIUS Authentication

When RADIUS is configured, Reflection for Secure IT UNIX Client and Server transfers control of authentication to the RADIUS authentication server.

To configure the Reflection for Secure IT UNIX Client and Server server

1. Create the following file and set owner-only read and write access (permissions = 600).

   /opt/microfocus/rsit/etc/radius_config

2. Open this file in a text editor. Add a line for each RADIUS server that identifies the server, the port used for RADIUS on that server, and the shared secret required for RADIUS clients to authenticate to that server. For example:

   server1:1812:secret1
   server2:1812:secret2
   

   Note

   RADIUS servers are contacted in order from top to bottom until a response to the authentication request is received.

3. Open the server configuration file (/opt/microfocus/rsit/etc/sshd2_config) in a text editor. Edit the following keywords:

   AllowedAuthentications=keyboard-interactive
   AuthKbdInt.Required=radius
   RadiusFile=/opt/microfocus/rsit/etc/radius_config
   

To configure the client

• Enable keyboard-interactive authentication. (This is the default for all Reflection for Secure IT UNIX Client and Server clients.)

---

More information

• RADIUS Authentication