LinuxTutorialsUbuntu

How To Install FreeRADIUS on Ubuntu 20.04 LTS

Install FreeRADIUS on Ubuntu 20.04

In this tutorial, we will show you how to install FreeRADIUS on Ubuntu 20.04 LTS. For those of you who didn’t know, FreeRADIUS is a free and open-source implementation of the RADIUS protocol. It’s the most popular and widely deployed open-source RADIUS server, is also used by many Fortune-500 companies, telecommunications companies, and Tier 1 ISPs. daloRADIUS on the other hand is an advanced web application for managing FreeRADIUS servers.

This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of FreeRADIUS on Ubuntu 20.04 (Focal Fossa). You can follow the same instructions for Ubuntu 18.04, 16.04, and any other Debian-based distribution like Linux Mint.

Prerequisites

  • A server running one of the following operating systems: Ubuntu 20.04, 18.04, 16.04, and any other Debian-based distribution like Linux Mint.
  • It’s recommended that you use a fresh OS install to prevent any potential issues.
  • SSH access to the server (or just open Terminal if you’re on a desktop).
  • A non-root sudo user or access to the root user. We recommend acting as a non-root sudo user, however, as you can harm your system if you’re not careful when acting as the root.

Install FreeRADIUS on Ubuntu 20.04 LTS Focal Fossa

Step 1. First, make sure that all your system packages are up-to-date by running the following apt commands in the terminal.

sudo apt update
sudo apt upgrade

Step 2. Installing the LAMP stack.

A Ubuntu 20.04 LAMP server is required. If you do not have LAMP installed, you can follow our guide here.

Step 3. Installing FreeRADIUS on Ubuntu 20.04.

FreeRADIUS packages are available in the official repository from Ubuntu. Now run the following command to install it:

sudo apt-get install freeradius freeradius-mysql freeradius-utils

To quickly check that FreeRADIUS and up and running we’ll run it in debug mode:

sudo freeradius -X

Step 4. Configuring MariaDB.

By default, MariaDB is not hardened. You can secure MariaDB using the mysql_secure_installation script. You should read and below each step carefully which will set a root password, remove anonymous users, disallow remote root login, and remove the test database and access to secure MariaDB.

mysql_secure_installation

Configure it like this:

- Set root password? [Y/n] y
- Remove anonymous users? [Y/n] y
- Disallow root login remotely? [Y/n] y
- Remove test database and access to it? [Y/n] y
- Reload privilege tables now? [Y/n] y

Next, we will need to log in to the MariaDB console and create a database for the FreeRADIUS. Run the following command:

mysql -u root -p

This will prompt you for a password, so enter your MariaDB root password and hit Enter. Once you are logged in to your database server you need to create a database for FreeRADIUS installation:

MariaDB [(none)]> CREATE DATABASE radius;
MariaDB [(none)]> GRANT ALL ON radius.* TO radius@localhost IDENTIFIED BY "your-strong-passwd";
MariaDB [(none)]> FLUSH PRIVILEGES;
MariaDB [(none)]> quit;

Next, run the below command to import the pre-built database schema available in the FreeRADIUS directory:

sudo -i 
mysql -u root -p radius < /etc/freeradius/3.0/mods-config/sql/main/mysql/schema.sql
exit
cd

Then, create a soft link to the SQL module to /etc/freeradius/3.0/mods-enabled:

sudo ln -s /etc/freeradius/3.0/mods-available/sql /etc/freeradius/3.0/mods-enabled/

Also, change the ownership of SQL files:

sudo chgrp -h freerad /etc/freeradius/3.0/mods-available/sql
sudo chown -R freerad:freerad /etc/freeradius/3.0/mods-enabled/sql

Step 5. Configure Firewall.

FreeRADIUS uses UDP ports 1812 for authentication and 1813 for accounting. You need to make sure those ports are allowed:

sudo ufw allow to any port 1812 proto udp
sudo ufw allow to any port 1813 proto udp

Step 6. Installing daloRADIUS on Ubuntu 20.04.

First, we’ll download daloRADIUS from the Github repository:

wget https://github.com/lirantal/daloradius/archive/master.zip
unzip master.zip
sudo mv daloradius-master /var/www/html/daloradius

Populate the database with the daloRADIUS schema:

cd /var/www/html/daloradius
sudo mysql -u root -p radius< contrib/db/fr2-mysql-daloradius-and-freeradius.sql
sudo mysql -u root -p radius< contrib/db/mysql-daloradius.sql

Next, change the permission of the daloRADIUS directory:

cd /var/www/html/daloradius/library/
sudo mv daloradius.conf.php.sample daloradius.conf.php
sudo chown -R www-data:www-data /var/www/html/daloradius/
sudo chmod 664 /var/www/html/daloradius/library/daloradius.conf.php

Next, we edit a few variables in the daloRADIUS connection file, so it’s able to connect to the FreeRADIUS database:

sudo nano /var/www/html/daloradius/library/daloradius.conf.php

Change the following values:

$configValues['CONFIG_DB_USER'] = 'root';
$configValues['CONFIG_DB_PASS'] = 'your-strong-passwd';
$configValues['CONFIG_DB_NAME'] = 'radius';

Save and exit the configuration file and restart FreeRADIUS:

sudo systemctl restart freeradius
sudo systemctl restart apache2

Step 7. Accessing daloRADIUS Web Interface.

To access the web interface, open your web browser and type the URL http://your-server-ip-address/daloradius/login.php. You will be redirected to the daloRADIUS login page:

Install FreeRADIUS on Ubuntu 20.04

Default daloRADIUS username/password:

username: administrator
password: radius

You can change a user password by logging into daloRADIUS > Config (In the top menu) > Operators (In the submenu) > List Operators (In the gray sidebar) > Click on the user (in our case administrator) and in the next screen change the password and click Apply.

Congratulations! You have successfully installed FreeRADIUS. Thanks for using this tutorial for installing FreeRADIUS on Ubuntu 20.04 LTS Focal Fossa system. For additional help or useful information, we recommend you check the official FreeRADIUS website.

VPS Manage Service Offer
If you don’t have time to do all of this stuff, or if this is not your area of expertise, we offer a service to do “VPS Manage Service Offer”, starting from $10 (Paypal payment). Please contact us to get the best deal!

r00t

r00t is a seasoned Linux system administrator with a wealth of experience in the field. Known for his contributions to idroot.us, r00t has authored numerous tutorials and guides, helping users navigate the complexities of Linux systems. His expertise spans across various Linux distributions, including Ubuntu, CentOS, and Debian. r00t's work is characterized by his ability to simplify complex concepts, making Linux more accessible to users of all skill levels. His dedication to the Linux community and his commitment to sharing knowledge makes him a respected figure in the field.
Back to top button