3.42.3. Secret Previous topic Parent topic Child topic Next topic

The default value of the secret we share with the destination radius servers. Radiator acts like a RADIUS client when it forwards RADIUS request to another RADIUS server.
You must define a shared secret for each Host in AuthBy RADIUS, and it must match the secret configured into the destination RADIUS server. There is no default. The secret can be any number of ASCII characters. Any ASCII character except newline is permitted, but it might be easier if you restrict yourself to the printable characters. For a reasonable level of security, the Secret should be at least 16 characters, and a mixture of upper and lower case, digits and punctuation. You should not use just a single recognisable word. Can be overridden for an individual host inside its Host clause.
# This better agree with the server at
# eric.open.com.au or they wont understand us
<AuthBy RADIUS>
      Host eric.open.com.au
      Secret 666obaFGkmRNs666
</AuthBy>
CAUTION
Some NASs, notably Enterasys Smart Switch Routers support a maximum shared secret length of 16 characters.