Authentication The authentication directory contains software which provides services to authenticate users against a number of directories and databases, typically using RADIUS and TACACS+ protocols. o Kerberos Kerberos is a network authentication protocol. It is designed to provide strong authentication for client/server applications by using secret-key cryptography. This directory contains Kerberos client software for Macintosh and Windows from MIT, and Kerberos server software from MIT and Heimdal in Sweden. Prior to installing this software, we recommend you confirm if your operating system already offers Kerberos support (ie *BSD, Microsoft Windows), or has binary packages available for it (ie most Linux distributions). o RADIUS # Cistron RADIUS Cistron RADIUS is an authentication and accounting server for terminal servers that speak the RADIUS protocol based on the Livingston RADIUS server. # FreeRADIUS The FreeRADIUS Server Project is an attempt to create a high-performance and highly configurable GPL'd RADIUS server. The server is similar to Livingston's 2.0 server. FreeRADIUS is a variant of the Cistron RADIUS server, but they don't share a lot in common any more. # GNU RADIUS GNU RADIUS is a GPL-licensed RADIUS implementationthat supports a wide variety of authentication schemes including system database, internal database, SQL database and PAM authentication. GNU RADIUS also supports three built-in accounting schemes - Unix accounting (radutmp/radwtmp), detailed accounting (text files) and SQL accounting. # IC-RADIUS IC-RADIUS is a variant if Cistron RADIUS, but with a MySQL backend. It includes a web interface for user management, as well as a CGI for your users to check their usage history. IC-RADIUS conforms to RFC 2865 and RFC 2866. IC-RADIUS is released under the GPL. # Lucent RADIUS The Lucent (nee Livingston) RADIUS server is a BSD-licensed implementation of the radius protocol designed to operate with Livingston (and other) terminal servers. It handles user authentication and accounting. # OpenRADIUS OpenRADIUS is a GPL-licensed implementation of the RADIUS protocol with an ability to get shared secrets, authentication information, policies and user profiles from any available external data source, and which supports Unix password databases (including NIS/NIS+), Livingston-style ASCII files and LDAP directories out of the box. # Radiusclient Radiusclient is a framework and library for writing RADIUS clients. The distribution contains a flexible RADIUS aware login replacement, a command line program to send RADIUS accounting records and a utility to query the status of a (Merit) RADIUS server. All these programs are based on a library which lets you develop a RADIUS-aware application in less than 50 lines of C code. It is highly portable and runs at least under Linux, a lot of BSD variants and Solaris. # XTRadius XtRadius is a freeware radius server implementation. The main difference between XTRadius and other radius servers, is that it allows you to execute fully customisable scripts to handle authentication and user accounting. o SRP The Secure Remote Password protocol is the core technology behind the Stanford SRP Authentication Project. The Project is an Open Source initiative that integrates secure password authentication into existing networked applications. o TACACS # tac_bsd tac_bsd is a TACACS+ client for BSD operating systems. # tac_plus tac_plus is Cisco's freeware TACACS+ implementation for Unix. It is intended for use by "first time" users, as Cisco sells a commercial product with a larger feature set for commercial installations. (Note: This list of software and information available at Wiretapped is not exhaustive. Users are encouraged to browse and search the archive and read any available "-README.txt" files that are available)