In this tutorial, we will show you how to install FreeRADIUS on Ubuntu 20.04 LTS. For those of you who didn’t know, FreeRADIUS is a free and open-source implementation of the RADIUS protocol. It’s the most popular and widely deployed open-source RADIUS server, is also used by many Fortune-500 companies, telecommunications companies, and Tier 1 ISPs. daloRADIUS on the other hand is an advanced web application for managing FreeRADIUS servers.
This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of FreeRADIUS on Ubuntu 20.04 (Focal Fossa). You can follow the same instructions for Ubuntu 18.04, 16.04, and any other Debian-based distribution like Linux Mint.
Prerequisites
- A server running one of the following operating systems: Ubuntu 20.04, 18.04, 16.04, and any other Debian-based distribution like Linux Mint.
- It’s recommended that you use a fresh OS install to prevent any potential issues.
- SSH access to the server (or just open Terminal if you’re on a desktop).
- A
non-root sudo useror access to theroot user. We recommend acting as anon-root sudo user, however, as you can harm your system if you’re not careful when acting as the root.
Install FreeRADIUS on Ubuntu 20.04 LTS Focal Fossa
Step 1. First, make sure that all your system packages are up-to-date by running the following apt commands in the terminal.
sudo apt update sudo apt upgrade
Step 2. Installing the LAMP stack.
A Ubuntu 20.04 LAMP server is required. If you do not have LAMP installed, you can follow our guide here.
Step 3. Installing FreeRADIUS on Ubuntu 20.04.
FreeRADIUS packages are available in the official repository from Ubuntu. Now run the following command to install it:
sudo apt-get install freeradius freeradius-mysql freeradius-utils
To quickly check that FreeRADIUS and up and running we’ll run it in debug mode:
sudo freeradius -X
Step 4. Configuring MariaDB.
By default, MariaDB is not hardened. You can secure MariaDB using the mysql_secure_installation script. You should read and below each step carefully which will set a root password, remove anonymous users, disallow remote root login, and remove the test database and access to secure MariaDB.
mysql_secure_installation
Configure it like this:
- Set root password? [Y/n] y - Remove anonymous users? [Y/n] y - Disallow root login remotely? [Y/n] y - Remove test database and access to it? [Y/n] y - Reload privilege tables now? [Y/n] y
Next, we will need to log in to the MariaDB console and create a database for the FreeRADIUS. Run the following command:
mysql -u root -p
This will prompt you for a password, so enter your MariaDB root password and hit Enter. Once you are logged in to your database server you need to create a database for FreeRADIUS installation:
MariaDB [(none)]> CREATE DATABASE radius; MariaDB [(none)]> GRANT ALL ON radius.* TO radius@localhost IDENTIFIED BY "your-strong-passwd"; MariaDB [(none)]> FLUSH PRIVILEGES; MariaDB [(none)]> quit;
Next, run the below command to import the pre-built database schema available in the FreeRADIUS directory:
sudo -i mysql -u root -p radius < /etc/freeradius/3.0/mods-config/sql/main/mysql/schema.sql exit cd
Then, create a soft link to the SQL module to /etc/freeradius/3.0/mods-enabled:
sudo ln -s /etc/freeradius/3.0/mods-available/sql /etc/freeradius/3.0/mods-enabled/
Also, change the ownership of SQL files:
sudo chgrp -h freerad /etc/freeradius/3.0/mods-available/sql sudo chown -R freerad:freerad /etc/freeradius/3.0/mods-enabled/sql
Step 5. Configure Firewall.
FreeRADIUS uses UDP ports 1812 for authentication and 1813 for accounting. You need to make sure those ports are allowed:
sudo ufw allow to any port 1812 proto udp sudo ufw allow to any port 1813 proto udp
Step 6. Installing daloRADIUS on Ubuntu 20.04.
First, we’ll download daloRADIUS from the Github repository:
wget https://github.com/lirantal/daloradius/archive/master.zip unzip master.zip sudo mv daloradius-master /var/www/html/daloradius
Populate the database with the daloRADIUS schema:
cd /var/www/html/daloradius sudo mysql -u root -p radius< contrib/db/fr2-mysql-daloradius-and-freeradius.sql sudo mysql -u root -p radius< contrib/db/mysql-daloradius.sql
Next, change the permission of the daloRADIUS directory:
cd /var/www/html/daloradius/library/ sudo mv daloradius.conf.php.sample daloradius.conf.php sudo chown -R www-data:www-data /var/www/html/daloradius/ sudo chmod 664 /var/www/html/daloradius/library/daloradius.conf.php
Next, we edit a few variables in the daloRADIUS connection file, so it’s able to connect to the FreeRADIUS database:
sudo nano /var/www/html/daloradius/library/daloradius.conf.php
Change the following values:
$configValues['CONFIG_DB_USER'] = 'root'; $configValues['CONFIG_DB_PASS'] = 'your-strong-passwd'; $configValues['CONFIG_DB_NAME'] = 'radius';
Save and exit the configuration file and restart FreeRADIUS:
sudo systemctl restart freeradius sudo systemctl restart apache2
Step 7. Accessing daloRADIUS Web Interface.
To access the web interface, open your web browser and type the URL http://your-server-ip-address/daloradius/login.php. You will be redirected to the daloRADIUS login page:
Default daloRADIUS username/password:
username: administrator password: radius
You can change a user password by logging into daloRADIUS > Config (In the top menu) > Operators (In the submenu) > List Operators (In the gray sidebar) > Click on the user (in our case administrator) and in the next screen change the password and click Apply.
Congratulations! You have successfully installed FreeRADIUS. Thanks for using this tutorial for installing FreeRADIUS on Ubuntu 20.04 LTS Focal Fossa system. For additional help or useful information, we recommend you check the official FreeRADIUS website.
