RADIUS protocol

General information

What is RADIUS?

Remote Authentication Dial-In User Service (RADIUS) — a network protocol for remotely authenticating users in a single access database. The protocol has been around for a long time and is therefore supported by many network devices and services.

Usage scenarios

Multifactor supports RADIUS protocol in two scenarios:

• two-factor user authentication, where the first factor is password and the second is — mobile application, Telegram or one-time code.
• one-factor &mdash authentication; changing the password to the second factor (e.g. PUSH).

To use RADIUS authentication, your access device (server or router) must be able to connect to radius.multifactor.ru on UDP port 1812.

In addition to routers and network devices, the RADIUS protocol can be included in LINUX servers' network services through the PAM_RADIUS authentication plug-in to secure the SSH connection, run the SUDO command and other actions that require enhanced access control.

In addition, RADIUS protocol can be built as an optional Windows authentication mechanism to connect to the remote desktop.

See also:

• Setting up two-factor authentication in OpenVPN
• Setting up two-factor authentication in SSH
• Configuring two-factor authentication in Windows RDP