pam_radius_auth issue
Phil Mayers
p.mayers at imperial.ac.uk
Fri Jul 21 13:28:49 CEST 2006
Mircea Harapu wrote:
>> PAP sends the following radius request:
>>
>> User-Name = "Someuser"
>> User-Password = "somepassword"
>>
>> HOWEVER, the User-Password field in a radius packet is defined by RFC to
>> be encrypted with the radius shared secret.
>
> The pam_radius_auth is sending User-Password without beeing encrypted .
> I have set the same shared secret in /etc/raddb/server and clients.conf
I believe you are incorrect. Have you looked at the actual packets on
the wire with a sniffer?
Remember, when FreeRadius displays the packet, it has already decrypted
it so of course you will see it in the clear in the FR debug output and
logs.
More information about the Freeradius-Users
mailing list