[CentOS] RADIUS

Wed Feb 14 16:37:53 UTC 2018
hw <hw at gc-24.de>

Hi,

I´m trying to figure out how to practically use RADIUS to authenticate
users.

So far, I have only found documentation explaining that the idea is that
users somehow magically need to authenticate against a RADIUS server via
a device like a switch or a wireless access point before they are given or
being denied access to a network.  I understand that I have to refer to
the documentation of the switch or access point to figure out how to set
up RADIUS authentication with the particular device.

But how is this achieved in practice?  Let´s say I have a couple laptops and
a couple phones and a couple computers which connect either to a switch or to
a wireless access point.  Both the switch and the access point support RADIUS,
and I would set them up to talk to the RADIUS server and require every device
that wants to connect to the network through them to authenticate first.  I also
have a couple thin clients and a couple computers which use PXE-boot, and the
users of those would have to provide authentication before the machines could
even boot.

Then what?  How do I make it so that the users are actually able to authenticate?

Is there any documentation about this?  Or am I not supposed to use RADIUS but
something else?