Install the RADIUS Linux server agent

Before you begin

If you use the Amazon Elastic Compute Cloud (also known as Amazon EC2), obtain all required keys and upload the RPM file into your Linux environment.

Download and validate the installer

1. In the Admin Console, go to SettingsDownloads.
2. Click the Download Latest link next to the RADIUS installer that you want to download. Make a note of the installer's file size and SHA-512 hash as they appear on the Downloads page.
3. Use one of the following commands to generate the hash on your local machine. Replace setup in the commands with the file path to your downloaded agent:
   • Linux: sha512sum setup.rpm
   • macOS: shasum -a 512 setup.rpm
   • Windows: CertUtil -hashfile setup.exe SHA512
4. Verify that the generated hash matches the hash on the Downloads page.

Install the agent

Okta shares the RADIUS port with the RADIUS server agent when the associated RADIUS app is configured. This exchange occurs in the background and no administrator intervention is required.

Run the following commands as root.

1. Open a terminal window on the computer where you want to run the agent.
2. Change to root:

   $ su root password:<enter root password>

3. Install the agent using one of these methods:
   1. Use rpm to install the agent:

      rpm -Uvh OktaRadiusSetupRPM-{M.m.details}.rpm

      • U: Install or upgrade
      • v: Execute in verbose mode
      • h: Periodically print hash marks (#) while performing the operation
      • M.m.details: This represents the most recent version of the agent RPM file, like OktaRadiusSetupRPM-2.10.0.rpm
   2. Use Debian apt to install the agent:

      apt install /${PATH_TO_INSTALLER_FILE}/OktaRadiusAgentSetup-{M.m.details}.deb

      • M.m.details: This represents the most recent version of the agent DEB file, like OktaRadiusAgentSetup-2.10.0.deb.
4. Enter the base URL for your Okta org.
5. The server prompts you for proxy information. Enter Yes to enter a proxy or No to skip the proxy configuration. If you chose to enter a proxy, enter the hostname and port combination for the proxy server, and optionally, a username and password.
6. Authenticate with your Okta org. Copy the URL from the agent install window and open the link in a web browser. The URL resembles this example:https://{yourorg.okta.com}/oauth2/auth?code={code}.
7. In the web browser, authenticate with Okta and click Allow Access to authorize the agent.

   Use a dedicated service account with the Read-only Admin and app admin roles, or the super admin role to authorize the agent. Okta generates an API token for the agent.

8. Return to the Linux terminal window. A message appears to indicate that the agent was successfully registered.
9. Configure a RADIUS app in Okta to configure the RADIUS server agent port, shared secret, and advanced RADIUS settings. See RADIUS applications in Okta.
10. Shut down and restart the RADIUS server agent.