Problem withrlm_password to authenticate user against passwd like file

Valery V. Bobrov vb at uvttk.ru
Tue Sep 4 07:19:32 CEST 2007


Hello!

I've got passwd file
format is (username:password_in_md5: the rest field is not nessasary)

test2:$1$kjhFHrsb$pS2AZBTcE3m3HNguFhgVs/:0:0::0:0:/none:/none:/none

crypto format: md5

I read FAQ:

 Can I use rlm_password to authenticate user against BLA-BLA-BLApasswd?
A: Probably you can, if BLA-BLA-BLA stores password in some format supported
   by RADIUS, for example cleartext, NT/LM hashes, crypt, Netscape MD5 
format.
   You have to set authtype to corresponding type, for example
    authtype = NS-MTA-MD5
   for Netscape MD5.


in radiusd.conf there is a passwd module(see below)

My question is what "format = " in file should I use in order to use my 
passwd file above?
Should I write something in  section " Authentication" authenticate { ?

I need all users authenticate via my passwdor file/
What should i do for that?

Thank you in advance.

Yours faithfully,
Valery
e-mail vb at uvttk.ru




# passwd module allows to do authorization via any passwd-like
# file and to extract any attributes from these modules
#
# parameters are:
#   filename - path to filename
#   format - format for filename record. This parameters
#            correlates record in the passwd file and RADIUS
#            attributes.
#
#            Field marked as '*' is key field. That is, the parameter
#            with this name from the request is used to search for
#            the record from passwd file
#            Attribute marked as '=' is added to reply_itmes instead
#            of default configure_itmes
#      Attribute marked as '~' is added to request_items
#
#            Field marked as ',' may contain a comma separated list
#            of attributes.
#   authtype - if record found this Auth-Type is used to authenticate
#            user
#   hashsize - hashtable size. If 0 or not specified records are not
#            stored in memory and file is red on every request.
#   allowmultiplekeys - if few records for every key are allowed
#   ignorenislike - ignore NIS-related records
#   delimiter - symbol to use as a field separator in passwd file,
#            for format ':' symbol is always used. '\0', '\n' are
        #      not allowed
#

#  An example configuration for using /etc/smbpasswd.
#
#passwd etc_smbpasswd {
# filename = /etc/smbpasswd
# format = "*User-Name::LM-Password:NT-Password:SMB-Account-CTRL-TEXT::"
# authtype = MS-CHAP
# hashsize = 100
# ignorenislike = no
# allowmultiplekeys = no
#}






More information about the Freeradius-Users mailing list