mschap and users file
Alan DeKok
aland at ox.org
Thu Jan 19 18:06:36 CET 2006
=?ISO-8859-1?Q?Andr=E9_Lemos?= <alemos at criticalsoftware.com> wrote:
> Right now I'm only using mschap and the users file to authenticate a
> user, but I'm getting:
...
Read the REST of the debug log. It will show you that the entries
you added to the "users" file aren't being matched.
> although on my users file I have:
>
> "wifi" Crypt-Password == "BcFvDSx8ydTSk"
> "wifi" lmPassword == "02D093CE93078E8FAAD3B435B51404EE"
> "wifi" ntPassword == "CAF13C4F321B608B27FD75D2549BA53C"
There is no "lmPassword" attribute, or "ntPassword" attribute in
FreeRADIUS. Even if there was, you're using "==", which the "man
users" page says is a comparison. Since there is no "lmPassword" in
the packet, the comparison will always fail, and that entry will never
be matched.
Again, debugging mode tells you that these entries are not being
matched. That's why you should read ALL of the debug logs, not just
thelast little bit.
> can't I have my users file only with encrypted passwords?
Yes, but you have to use the correct attribute names, and use ":="
wifi NT-Password := 0xCAF13C4F321B608B27FD75D2549BA53C
That will work.
Alan DeKok.
More information about the Freeradius-Users
mailing list