FreeRADIUS + MySQL + md5 passwords?

Jan Mulders lastchancehotel at gmail.com
Mon Sep 25 01:27:28 CEST 2006 

Hello all.

I'm trying to get FreeRADIUS to authenticate against MD5 passwords. Here's
the relevant part of my config...

............
modules {
                    pap {
                            encryption_scheme = md5
                                }
......
instantiate {
                #mysqlcounter

}

authorize {
                preprocess
                sql
}

authenticate {
                pap
}

preacct {
                preprocess
}

accounting {
                #acct_unique
                #detail
                sql
                radutmp # ?
}


session {
                radutmp # ?
                sql

}
[end of file]

I have the passwords in my database as MD5 (I have included a testuser2 with
a plaintext password for troubleshooting):

id         UserName         Attribute         op         Value
1     testuser1     Password     ==     ae2b1fca515949e5d54fb22b8ed95575
2     testuser2     Password     ==     testing

What do I need to do to make FreeRADIUS authenticate passwords sent as
plaintext to it from a client NAS, to MD5 stored in the database?
Is this possible?

(please see attempt logs below)

Regards,

Jan Mulders

### client request ###
www~# radtest testuser1 testing localhost:1812 3 testing123
Sending Access-Request of id 111 to 127.0.0.1 port 1812
        User-Name = "testuser1"
        User-Password = "testing"
        NAS-IP-Address = 255.255.255.255
        NAS-Port = 3
Re-sending Access-Request of id 111 to 127.0.0.1 port 1812
        User-Name = "testuser1"
        User-Password = "testing"
        NAS-IP-Address = 255.255.255.255
        NAS-Port = 3
rad_recv: Access-Reject packet from host 127.0.0.1:1812, id=111, length=20
0www~#


### radiusd log ###
Listening on authentication *:1812
Listening on accounting *:1813
Ready to process requests.
rad_recv: Access-Request packet from host 127.0.0.1:49086, id=111, length=61
        User-Name = "testuser1"
        User-Password = "testing"
        NAS-IP-Address = 255.255.255.255
        NAS-Port = 3
rlm_sql (sql): Reserving sql socket id: 4
rlm_sql (sql): Released sql socket id: 4
rlm_sql (sql): No matching entry in the database for request from user
[testuser1]
Login incorrect: [testuser1/testing] (from client localhost port 3)
rad_recv: Access-Request packet from host 127.0.0.1:49086, id=111, length=61
Sending Access-Reject of id 111 to 127.0.0.1 port 49086
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20060925/05f2f26d/attachment.html>

More information about the Freeradius-Users mailing list