Please note that you are currently reading the latest version 2.x documentation. The archived version 1.x documentation is available here
Once installed, the use of MIRACL Trust SSO RADIUS involves managing a set of config files which are located in the
/etc/srv-radius/ directory. In the config, it is possible to enable usage of the Microsoft PEAP protocol in order to allow using authentication protocols like MS-CHAPv2 with a secure tunnel.
The steps involved are:
Create a new MIRACL Trust RADIUS app in the MIRACL Trust authentication portal to receive the Client ID and Client Secret needed to set up the connection between your instance and the authentication portal, and to generate a url at which your end users can register
Install your MIRACL Trust SSO RADIUS server
Configure your MIRACL Trust SSO RADIUS server and RADIUS client / VPN server (simple ssh client, OpenVPN, Cisco Anyconnect etc.)
Once installed, MIRACL Trust RADIUS is configured for use by YAML configuration files stored in the
/etc/srv-radius/ ├── config.yaml ├── core.yaml ├── hosts │ └── openvpn.yaml │ └── sshtest.yaml └── integrations ├── ldap.yaml └── zfa.yaml
The config.yaml file simply lists the other files to be included. For example:
includes: - core.yaml - hosts/openvpn.yaml - hosts/sshtest.yaml - integrations/ldap.yaml - integrations/zfa.yaml
core.yaml contains the basic details of your MIRACL Trust RADIUS installation, plus the Client ID and Client Secret obtained from the admin portal.
In the hosts/ subfolder, you can configure multiple hosts for OTP access (ssh clients, VPN clients, etc.)
Note that settings in files lower down the list of includes will override settings in those higher in the list. For example if you include a file which specifies a server port number, this will override a server port number set in a file higher in the list of includes.
When changes have been made to your MIRACL Trust RADIUS config files (in the
/etc/srv-radius/ directory) it is necessary to run
sudo service srv-radius restart to apply the changes.
The following diagram gives a high-level overview of the components involved: