Access-Reject in attempted PAP cleartext setup?
Alan DeKok
aland at deployingradius.com
Sun Nov 23 09:54:47 CET 2008
Vincent Fox wrote:
> I am unable to make even a simple PAP cleartext setup
> work and cannot figure out what I am doing wrong. The note
> about it should "just work" well not for me so far.....
Because you're testing with a user that is in /etc/password. And the
password you put into the "users" file isn't the same as in /etc/passwd.
> And radiusd -XXX output shows:
Just a question... why -XXX when all of the documentation, FAQ, etc.
says -X ?
> Sat Nov 22 20:14:19 2008 : Info: ++[unix] returns updated
> Sat Nov 22 20:14:19 2008 : Info: [files] users: Matched entry vf5 at line 93
There you go. The "unix" module matches, as does the "files" module.
> Sat Nov 22 20:14:19 2008 : Info: [pap] Using CRYPT encryption.
That should be a hint, too. It's using crypt because the passwords in
/etc/passwd are crypt'd.
Maybe we need to update the PAP module to look for multiple passwords,
compare them to each other, and then complain loudly if they don't match.
Alan DeKok.
More information about the Freeradius-Users
mailing list