Friday, August 02, 2013

How to enable auth details in FreeRADIUS log?

Here to describe how to enable detail auth information and authentication requests to the log file in FreeRADIUS.

FreeRADIUS 1.x:
Open and edit /etc/raddb/radiusd.conf to set:
log_auth = yes
auth_log
detail auth_log {
                detailfile = ${radacctdir}/%{Client-IP-Address}/auth-detail-%Y%m%d
                #
                #  This MUST be 0600, otherwise anyone can read
                #  the users passwords!
                detailperm = 0600
         }


FreeRADIUS 2.x:
Open and edit /etc/raddb/radiusd.conf to set:
auth = yes
Open and edit /etc/raddb/sites-available/default to set:
auth_log