GRANT ALL PRIVILEGES on *.* to username@'%' identified by 'password';
Ganti /etc/mysql/my.cnf, hilangkan hilangkan bind-address = 127.0.0.1
more ...
12/16/11
mysql allow from network
7/20/11
putty tunnel
http://realprogrammers.com/how_to/set_up_an_ssh_tunnel_with_putty.html
realprogrammers.com
Setting up an SSH tunnel with PuTTY
What follow is how to set up as SSH tunnel using PuTTY with the MySQL port (3306) forwarded as an example. After completing this how-to you'll have port 3306 on your local machine listening and forwarding to your remote server's localhost on port 3306. Thus effectively you can connect to the remote server's MySQL database as though it were running on your local box.
Prerequisites
This how-to assumes your MySQL installation has enabled listening to a TCP/IP connection. Only listening on 127.0.0.1 is required (and the default as of MySQL 4.1). Although beyond the scope of this how-to, you can verify the server's listening by using mysql -h 127.0.0.1 rest of options on the server. Look for bind-address = 127.0.0.1 and skip-networking = 0 in your /etc/mysql/my.cnf. Also, a trouble-shooting guide.
To achieve the same with PostgreSQL simply use PostgreSQL's default port, 5432. psql -h 127.0.0.1 rest of options to test; /etc/postgresql/pg_hba.conf and the manual as pointers for configuration.
Set up the tunnel
Create a session in PuTTY and then select the Tunnels tab in the SSH section. In the Source port text box enter 3306. This is the port PuTTY will listen on on your local machine. It can be any standard Windows-permitted port. In the Destination field immediately below Source port enter 127.0.0.1:3306. This means, from the server, forward the connection to IP 127.0.0.1 port 3306. MySQL by default listens on port 3306 and we're connecting directly back to the server itself, i.e. 127.0.0.1. Another common scenario is to connect with PuTTY to an outward-facing firewall and then your Destination might be the private IP address of the database server.
Putty Tunnel
Add the tunnel
Click the Add button and the screen should look like this,
Putty Tunnel Added
Save the session
Unfortunately PuTTY does not provide a handy ubiquitous Save button on all tabs so you have to return to the Session tab and click Save,
Putty Session
Open the session
Click Open (or press Enter), login, and enjoy!
Here for reference is an example connection using MySQL Adminstrator going to localhost: note the Server Host address of 127.0.0.1 which will be transparently forwarded.
more ...
Log Rotate
http://lifeonubuntu.com/configuring-log-rotation-of-apache2-and-other-logs/
Configuring Log Rotation of Apache2 and Other Logs
in apache,backups,logs,newbie,setup,ubuntu server
I went to check out my apache2 logs
view source
print?
ls /var/log/apache2/
and I noticed that they were being automatically rotated (access.log, access.log.1, etc.) and compressed with gzip (access.log.2.gz, etc.). This seems to be the default Ubuntu configuration. I wanted to make find out more, and I found this helpful article about Ubuntu logs, including Apache2 Log info and some basic log rotation info
After reading through the info, I decided that I wanted to make a few changes. The log rotation happens via the brilliantly named logrotate command. It turns out that logrotate settings kept in 2 places.
Default logrotate settings
First, there are the default settings in /etc/logrotate.conf. You can view them with this command:
view source
print?
less /etc/logrotate.conf
You can read about the configuration parameters on the man page:
view source
print?
man logrotate
Or here: online logrotate man page
On my Ubuntu system, the default configuration is setup to rotate the logs weekly, keeping 4 weeks of backlogs. After 4 weeks, it will delete the oldest log file:
view source
print?
# see "man logrotate" for details
# rotate log files weekly
weekly
# keep 4 weeks worth of backlogs
rotate 4
# create new (empty) log files after rotating old ones
create
# uncomment this if you want your log files compressed
#compress
# packages drop log rotation information into this directory
include /etc/logrotate.d
# no packages own wtmp, or btmp -- we'll rotate them here
/var/log/wtmp {
missingok
monthly
create 0664 root utmp
rotate 1
}
/var/log/btmp {
missingok
monthly
create 0664 root utmp
rotate 1
}
# system-specific logs may be configured here
I wanted to make a few changes:
1. save 1 year of backlogs
2. use compression for the backlogs (to save space)
3. delay compression. This will postpone compression of the previous log file to the next rotation cycle, allowing me to easily view last week’s log without having to uncompress it.
4. change the default backlog file name to include the date. By default, the files are named numerically: logname.0, logname.1, logname.2, etc. I want to use YYYYMMDD instead of 0, 1 ,2 3.
So, I edited the default config file:
view source
print?
sudo nano logrotate.conf
And I did the following:
1. change the rotate directive to 52 weeks
2. uncomment the commented-out compress directive
3. add the delaycompress command
4. add the dateex directive
The modified file looks like this:
view source
print?
# see "man logrotate" for details
# rotate log files weekly
weekly
# keep 52 weeks worth of backlogs
rotate 52
# create new (empty) log files after rotating old ones
create
# use the date in backlog filenames
dateext
# compress backlogs with a delay
compress
delaycompress
# packages drop log rotation information into this directory
include /etc/logrotate.d
# no packages own wtmp, or btmp -- we'll rotate them here
/var/log/wtmp {
missingok
monthly
create 0664 root utmp
rotate 1
}
/var/log/btmp {
missingok
monthly
create 0664 root utmp
rotate 1
}
# system-specific logs may be configured here
Application Specific Settings (eg: Apache2)
This handles the default settings. However, some applications set their own logrotate configuration. Look in /etc/logrotate.d to see the which applications override the default settings:
view source
print?
ls /etc/logrotate.d/
On my system, I wanted to make similar changes to the apache2 and mysql-server logs. Some of the changes were already there (eg: delaycompress directive) and others I had to add (eg: dateext directive).
With these changes made, my logs now rotate the way I want.
more ...
7/18/11
Radius With MySQL
http://techtots.blogspot.com/2010/01/installing-and-configuring-freeradius.html
Installing and configuring FreeRADIUS with MySQL authentication
Here's a *near* step-by-step guide to setup FreeRADIUS with MySQL backed authentication done on Ubuntu 9.10 (Karmic). Start by installing the necessary deb files:
# apt-get install freeradius freeradius-mysql
Add the following lines to the /etc/freeradius/users file:
abc Cleartext-Password := "123"
Stop freeradius service just in case:
/etc/init.d/freeradius stop
Now test using the radtest client:
# radtest abc 123 localhost 1812 testing123
Sending Access-Request of id 149 to 127.0.0.1 port 1812
User-Name = "abc"
User-Password = "123"
NAS-IP-Address = 208.67.219.132
NAS-Port = 1812
rad_recv: Access-Accept packet from host 127.0.0.1 port 1812, id=149, length=20
Ensure that the response is "Access-Accept". The following should be displayed at the server console:
rad_recv: Access-Request packet from host 127.0.0.1 port 33425, id=149, length=55
User-Name = "abc"
User-Password = "123"
NAS-IP-Address = 208.67.219.132
NAS-Port = 1812
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] No '@' in User-Name = "abc", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] No EAP-Message, not doing EAP
++[eap] returns noop
++[unix] returns notfound
[files] users: Matched entry abc at line 61
++[files] returns ok
++[expiration] returns noop
++[logintime] returns noop
++[pap] returns updated
Found Auth-Type = PAP
+- entering group PAP {...}
[pap] login attempt with password "123"
[pap] Using clear text password "123"
[pap] User authenticated successfully
++[pap] returns ok
+- entering group post-auth {...}
++[exec] returns noop
Sending Access-Accept of id 149 to 127.0.0.1 port 33425
Finished request 2.
Going to the next request
Waking up in 4.9 seconds.
Cleaning up request 2 ID 149 with timestamp +3641
Ready to process requests.
Now on to MySQL setup. First, create a database where FreeRADIUS will store its data. We'll call it radius:
create database radius
Import the MySQL schema from /etc/freeradius/sql/mysql/schema.sql:
mysql -u root -p radius < /etc/freeradius/sql/mysql/schema.sql
You should have 7 tables as shown below:
radacct
radcheck
radgroupcheck
radgroupreply
radpostauth
radreply
radusergroup
Edit the file /etc/freeradius/sql.conf and change the following parameters to suite your environment:
server = "localhost"
login = "root"
password = "password"
radius_db = "radius"
Enable the SQL configuration in /etc/freeradius/radiusd.conf by uncommenting the following line:
$INCLUDE sql.conf
Enable SQL configuration in the default enabled site /etc/freeradius/sites-available/default:
authorize {
...
sql
...
}
accounting {
...
sql
...
}
session {
...
sql
...
}
post-auth {
...
sql
...
}
Insert the following record into radcheck table:
INSERT INTO `radius`.`radcheck` (`id` ,`username` ,`attribute` ,`op` ,`value`)
VALUES (NULL , 'test', 'MD5-Password', ':=', MD5( '1234' )
Note: More info on the 'op' value can be obtained by reading the 'unlang' man page. Snippet shown below:
Operators
The operator used to assign the value of the attribute may be one of the following, with the given meaning.
= Add the attribute to the list, if and only if an attribute of the same name is already present in that list.
:= Add the attribute to the list. If any attribute of the same name is already present in that list, its value is replaced with the value of the current
attribute.
+= Add the attribute to the tail of the list, even if attributes of the same name are already present in the list.
Enforcement and Filtering Operators
The following operators may also be used in addition to the ones listed above. Their function is to perform enforcement or filtering on attributes in a list.
-= Remove all matching attributes from the list. Both the attribute name and value have to match in order for the attribute to be removed from the list.
== Remove all non-matching attributes from the list. Both the attribute name and value have to match in order for the attribute to remain in the list.
Note that this operator is very different than the '=' operator listed above!
<= Enforce that the integer value of the attribute is less than or equal to the value given here. If there is no attribute of the same name in the list,
the attribute is added with the given value, is with "+=". If an attribute in the list exists, and has value less than given here, it's value is
unchanged. If an attribute in the list exists, and has a value greater than given here, then that value is replaced with the one given here.
This operator is valid only for attributes of integer type.
>= Enforce that the integer value of the attribute is greater than or equal to the value given here. If there is no attribute of the same name in the
list, the attribute is added with the given value, is with "+=". If an attribute in the list exists, and has value greater than given here, it's value
is unchanged. If an attribute in the list exists, and has value less than given here, then that value is replaced with the one given here.
This operator is valid only for attributes of integer type.
Start freeradius in debug mode by using the command below:
# freeradius -X
In another terminal console, use radtest again to test the connection:
# radtest test 1234 localhost 1812 testing123
root@mike-laptop:/etc/freeradius/sites-available# radtest test 1234 localhost 1812 testing123
Sending Access-Request of id 147 to 127.0.0.1 port 1812
User-Name = "test"
User-Password = "1234"
NAS-IP-Address = 208.67.219.132
NAS-Port = 1812
rad_recv: Access-Accept packet from host 127.0.0.1 port 1812, id=147, length=20
Again, make sure the response contains "Access-Accept". Following output should be shown at the server terminal:
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] No '@' in User-Name = "test", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] No EAP-Message, not doing EAP
++[eap] returns noop
++[unix] returns notfound
expand: %{User-Name} -> test
[sql] sql_set_user escaped user --> 'test'
rlm_sql (sql): Reserving sql socket id: 3
expand: SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'test' ORDER BY id
[sql] User found in radcheck table
expand: SELECT id, username, attribute, value, op FROM radreply WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radreply WHERE username = 'test' ORDER BY id
expand: SELECT groupname FROM radusergroup WHERE username = '%{SQL-User-Name}' ORDER BY priority -> SELECT groupname FROM radusergroup WHERE username = 'test' ORDER BY priority
rlm_sql (sql): Released sql socket id: 3
++[sql] returns ok
++[expiration] returns noop
++[logintime] returns noop
[pap] Normalizing MD5-Password from hex encoding
++[pap] returns updated
Found Auth-Type = PAP
+- entering group PAP {...}
[pap] login attempt with password "1234"
[pap] Using MD5 encryption.
[pap] User authenticated successfully
++[pap] returns ok
+- entering group post-auth {...}
expand: %{User-Name} -> test
[sql] sql_set_user escaped user --> 'test'
expand: %{User-Password} -> 1234
expand: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S') -> INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'test', '1234', 'Access-Accept', '2010-01-10 12:55:21')
rlm_sql (sql) in sql_postauth: query is INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'test', '1234', 'Access-Accept', '2010-01-10 12:55:21')
There should also be some records in the radpostauth table:
mysql> select * from radpostauth;
+----+----------+------+---------------+---------------------+
| id | username | pass | reply | authdate |
+----+----------+------+---------------+---------------------+
| 14 | test | 1234 | Access-Accept | 2010-01-10 12:00:12 |
| 15 | test | 1234 | Access-Accept | 2010-01-10 12:19:39 |
| 16 | test | 1234 | Access-Accept | 2010-01-10 12:55:21 |
+----+----------+------+---------------+---------------------+
3 rows in set (0.00 sec)
As you can see, it's rather dangerous to have the clear text password shown in the table. If you want to turn off that feature, comment out the 'sql' directive in the /etc/freeradius/sites-available/default file under 'post-auth' section.
Have fun!
more ...
apache and freeradius
From: http://www.adminsehow.com/2010/03/how-to-authenticate-apache-2-with-radius-on-debian/
Install Apache radius module :
view source
print?
1 apt-get install libapache2-mod-auth-radius
enable radius module for Apache :
view source
print?
1 a2enmod auth_radius
open /etc/apache2/apache2.conf and add the following lines to end of file :
view source
print?
1 AddRadiusAuth ip_address:1812 apache2 5:3
2 AddRadiusCookieValid 60
go to /var/www folder or the folder which you want to protect and create a .htaccess file inside it containing following lines :
view source
print?
1 AuthType Basic
2 AuthName "AdminseHow Radius Authentication"
3 AuthBasicAuthoritative Off
4 AuthBasicProvider radius
5 AuthRadiusAuthoritative on
6 AuthRadiusActive On
7 Require valid-user
restart Apache :
view source
print?
1 /etc/init.d/apache2 restart
for more info regarding the configuration options , you can read the following link :
http://freeradius.org/mod_auth_radius/
radius config
users
test Cleartext-Password := "password"
clients
client ip_address {
nastype = other
secret = apache2
}
more ...
4/8/11
Ingat-ingat lagi
http://www.cyberciti.biz/tips/recover-mysql-root-password.html
Recover MySQL root Password
by Vivek Gite on April 18, 2006 · 176 comments
You can recover MySQL database server password with following five easy steps.
Step # 1: Stop the MySQL server process.
Step # 2: Start the MySQL (mysqld) server/daemon process with the --skip-grant-tables option so that it will not prompt for password.
Step # 3: Connect to mysql server as the root user.
Step # 4: Setup new mysql root account password i.e. reset mysql password.
Step # 5: Exit and restart the MySQL server.
Here are commands you need to type for each step (login as the root user):
Step # 1 : Stop mysql service
# /etc/init.d/mysql stop
Output:
Stopping MySQL database server: mysqld.
Step # 2: Start to MySQL server w/o password:
# mysqld_safe --skip-grant-tables &
Output:
[1] 5988
Starting mysqld daemon with databases from /var/lib/mysql
mysqld_safe[6025]: started
Step # 3: Connect to mysql server using mysql client:
# mysql -u root
Output:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 1 to server version: 4.1.15-Debian_1-log
Type 'help;' or '\h' for help. Type '\c' to clear the buffer.
mysql>
Step # 4: Setup new MySQL root user password
mysql> use mysql;
mysql> update user set password=PASSWORD("NEW-ROOT-PASSWORD") where User='root';
mysql> flush privileges;
mysql> quit
Step # 5: Stop MySQL Server:
# /etc/init.d/mysql stop
Output:
Stopping MySQL database server: mysqld
STOPPING server from pid file /var/run/mysqld/mysqld.pid
mysqld_safe[6186]: ended
[1]+ Done mysqld_safe --skip-grant-tables
Step # 6: Start MySQL server and test it
# /etc/init.d/mysql start
# mysql -u root -p
more ...
1/29/11
10/26/10
Ubuntu Version
Use one of this command
cat /etc/issue
lsb_release -a
cat /etc/apt/sources.list
uname -a
more ...
Microphone Playback in SoundMax
Modify the registry key, it will look slightly different in other computer, just look for identical key. In my Laptop, HP 6530b the key is:
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96C-E325-11CE-BFC1-08002BE10318}\0005\AD1984A\Disable]
"MicBR"=hex:00
"MicV"=hex:01
I changed it to
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96C-E325-11CE-BFC1-08002BE10318}\0005\AD1984A\Disable]
"MicBR"=hex:00
"MicV"=hex:01
"MicS"=hex:00
"MicM"=hex:00
and restart the Laptop.
And now Microphone Playback is working. The option in enabled in volume properties.
more ...
10/21/10
Send SMS using AT Command
Just a reminder:
AT
OK
AT+CMGF=1
OK
AT+CMGW="+62811198...."
> Demo-demo-demo-demo.
+CMGW: 1
OK
AT+CMSS=1
+CMSS: 20
OK
+CMGW: 1 means the SMS Storage. Send it using AT+CMSS="storage"
more ...
9/17/10
Recommended Software
Useful software to make life easier
Ultrarenamer 0.3 by Dabu
--> Very useful to batch rename file
Snagit
--> If you need to capture a lot of screenshot, this is undispensable tools
Auslogic Disk Defrag
--> The most starighforward and free disk defragmenter
TrueCrypt
--> Never let your secret data discovered
Teracopy
--> Best windows copy tool ever
Autoit v3
--> No other automation tools can beat this free automation software
more ...
Plan of the month
This month plan: Read minimum 1 technological whitepaper/article per days and write about it.
**start working and stop complaining**
more ...
8/2/10
Convert CHM ke Word Document
Sejauh ini, software yang paling baik dan tersedia cracknya:
Softany CHM to Doc Converter 2.01
Pas waktu mau ngeprint hasil konversinya, sepertinya sayang jika print index-nya, sedangkan index tidak dilengkapi dengan informasi halaman. Akhirnya buat macro word untuk menambahkan informasi halaman di samping index.
Sub halamanHyp()
Dim oHyp As Hyperlink
Dim sAddr As String
Dim oRg As Range
With ActiveDocument
For Each oHyp In .Hyperlinks
On Error Resume Next
'cari nama bookmark dari nama hyperlink
nameHyp = oHyp.Name
.Bookmarks(nameHyp).Select
oPage = Selection.Information(wdActiveEndPageNumber)
If InStr(1, nameHyp, "index", vbTextCompare) > 0 Then
Set oRg = oHyp.Range
oRg.Collapse wdCollapseEnd
sAddr = " (" & oPage & ")"
oRg.Text = sAddr
End If
Next
End With
End Sub
more ...
6/28/10
There are no shortcuts to anyplace wroth going.
There are no shortcuts to anyplace wroth going. more ...
4/16/10
Reminder
Accessibility Options
access.cpl
Add/Remove Programs
appwiz.cpl
Add Hardware Wizard
hdwwiz.cpl
Administrative Tools
admintools
Automatic Updates
wuaucpl.cpl
Bluetooth Properties
bthprops.cpl
Control Panel
panel
Desktop Properties
desktop
Desktop Appearances Properties
color
Display Properties
desk.cpl
Fastfind Properties
findfast.cpl
Firewall Properties
firewall.cpl
Fonts Folder
fonts
Game Controllers
joy.cpl
Infrared Properties
infrared
Internet Options
inetcpl.cpl
iSCSI Initiator
iscsicpl.cpl
Java Control Panel
jpicpl32.cpl
Keyboard Properties
main.cpl keyboard
Licensing Mode
liccpa.cpl
Mouse Properties
main.cpl
Network Connections
ncpa.cpl
Network Setup Wizard
netsetup.cpl
ODBC Properties
odbccp32.cpl
Power Options
powercfg.cpl
Printers Folder
printers
Regional and Language Options
intl.cpl
Scanners and Camera Properties
sticpl.cpl
Schedule Tasks
schedtasks
Sound and Audio Devices
mmsys.cpl
Stored Passwords
keymgr.cpl
System Properties
sysdm.cpl
Telephone and Modem Properties
telephon.cpl
Time and Date Settings
timedate.cpl
User Accounts
nusrmgr.cpl
User Accounts Advances
userpasswords2
User Passwords
userpasswords
Windows Security Center
wscui.cpl
Wireless Link
irprops.cpl
more ...
3/22/10
3/19/10
Change runlevel
http://www.debianadmin.com/debian-and-ubuntu-linux-run-levels.html
Karmic Koala
http://coffeecode.net/archives/203-Changing-the-default-run-level-in-Ubuntu-9.10-Karmic-Koala.html
You felt pretty pleased with yourself for jumping on the latest Ubuntu release back in the alpha stages on your virtual machine, then having it running on your laptop and Lynn's Asus EEE 701 the day after the final release came out.
But did you ever have to change the default runlevel? NO, you didn't. You didn't anticipate that you would want to convert that alpha-6 server into a workstation. Nice thinking, hero. And now that you've figured it out, you're going to remind yourself that the place to change it is in /etc/init/rc-sysinit.conf. You might want to look at the env DEFAULT_RUNLEVEL setting. Oh sure, you could manually create an old-school /etc/inittab file, and it would get picked up from there. But, you know, throwing away a grand old tradition like that really feels liberating, doesn't it?
more ...
Install VNC in Linux
The file:
keygen
vnc-E4_4_0-x64_linux.tar.gz
vnc-e_4.5_i386.deb
vnc-E4_5-x86_linux.rpm
install the file,
./keygen
vnclicense -add key (from ./keygen)
more ...
Install VMWare 7 in Linux
Get the bundle file, VMware-Workstation-7.0.0-203739.i386.bundle
Disable kvm
sudo modprobe -r kvm_intel
Install it
sudo sh VMware-Workstation-7.0.0-203739.i386.bundle
Just a followup - the kvm module will get reloaded after a reboot (which won't break VMware entirely, but will cause it to not be able to use the hardware VM features of the CPU). To get rid of kvm once and for all (type this in a console as root):
apt-get purge kvm
You can reinstall it later if you need it for some other VM environment, with:
apt-get install kvm
more ...
2/13/10
FreeRadius configuration di CentOS 5.3
Recently, I need to understand how Radius works, so I build a simple Radius server to learn how radius works. The setup here is fairly a basic setup. My goal is just to make a simple radius server up and running.
After a googling session, I decide to use freeradius as the Radius Server. Lets start,
Because I'm using cent=os, of course my best option in installing free radius is using yum. So I started to check waht freeradius package is available in yum repositories
[trixbox1.localdomain ~]# yum search radius
=============================== Matched: radius ================================
freeradius.i386 : High-performance and highly configurable free RADIUS server.
freeradius-mysql.i386 : MySQL bindings for freeradius
freeradius-postgresql.i386 : postgresql bindings for freeradius
freeradius-unixODBC.i386 : unixODBC bindings for freeradius
perl-Authen-Radius.noarch : Perl module that provides simple Radius client
: facilities
Hmm, good, there is freeradius in the default repositories. So I just install the freeradius,
# yum install freeradius.i386
I also need to install freeradius-mysql.i386 to enable mysql support in the radius configuration. I am using mysql to stored the username/password database.
# yum install freeradius-mysql.i386
In this setup, I have already installed mysql database (if you don't, please do so first), so the next step is to configure the mysql database.
# mysql -u root -p
Enter password: *****
mysql>create database radius
mysql>exit
Next, import the mysql database example from /usr/share/doc/freeradius-1.1.3/examples/mysql.sql
# mysql -u root -p radius < /usr/share/doc/freeradius-1.1.3/examples/mysql.sql
The database is now populated with the data in the mysql.sql file. Populate the username information into the database, in my sql prompt, you can use this to insert username a and password: passt to the database
mysql> use radius
mysql> INSERT INTO radcheck (UserName, Attribute, Value) VALUES ('a', 'Password', 'passt');
mysql> INSERT INTO radcheck (UserName, Attribute, Value) VALUES ('a', 'Auth-Type', 'Local');
Next step is to configure freeradius to connect to mysql radius database. We need to edit configuration file in /etc/raddb. Don't forget to backup all the file in this directory before you change anything, in case you messed up the configuration.
The first configuration file we edit is sql.conf. Make sure the information the reflect the mysql database configuration.
Next, edit clients.conf. Edit the secret key as you wished.
Next, edit radius.conf file. Make sure you uncomment sql attributes in accounting and authorize section. Also, uncomment the $INCLUDE ${confdir}/sql.conf line.
The configuration is done, you now can test the radius server using
#/usr/sbin/radiusd -X.
You can locally test the radius server using this command
# radtest a passt localhost 1812 secret_key
or to simulate NAS Client and the user you can use NTRadPing or Radeaptest in windows environment.
Thats all folks.
more ...
Subscribe to:
Posts (Atom)
