password encryption problem
Hegedus Gabor
hegedus.gabor at euroway.hu
Fri Jul 31 15:29:33 CEST 2009
Nicolas Goutte wrote:
>
> Am 31.07.2009 um 15:13 schrieb Hegedus Gabor:
>
>> Hi all!
>>
>> I have a problem, I want to authenticate console users in cisco
>> switches.
>> In the 2960, the switch send the password in cleartext, nothing problem.
>>
>> User-Password="password"
>
> Please try using
>
> Cleartext-Password := "password"
>
> in the users file (or similarly in databases).
>
>
as I said I tried clear text password in the ldap, and nothing changed.
My user is in the ldap and not in the users file.
>>
>> but int the 2950, the switch can only send in "crypted" version like
>> this:
>>
>> NAS-Port-Type = Virtual
>> User-Name = "test"
>> Calling-Station-Id = "192.168.***"
>> User-Password = "\\342\455\325]̍\322\tM~\237\616}\266\426"
>> Service-Type = Login-User
>>
>> In the ldap database I tried all of the encription type (clear, md5,
>> crypt, md5crypt) but every time reject the authentication:
>>
>> frad debug:
>>
>> Failed to authenticate the user.
>> Login incorrect (rlm_ldap: Bind as user failed):
>> [test/\\_\266\065]�?\663\tM~\667\354}\126\316] (from client switch
>> port 1 cli 192.168.***
>> WARNING: Unprintable characters in the password. Double-check the
>> shared secret on the server and the NAS!
>>
>>
>> What can I do in the freeradius, what I forgot?
>> Thanks! Gabor
>> -
>> List info/subscribe/unsubscribe? See
>> http://www.freeradius.org/list/users.html
>
>
> Have a nice day!
>
> Nicolas Goutte
>
>
> extragroup GmbH - Karlsruhe
> Waldstr. 49
> 76133 Karlsruhe
> Germany
>
> Geschäftsführer: Stephan Mönninghoff, Hans Martin Kern, Tilman Haerdle
> Registergericht: Amtsgericht Münster / HRB: 5624
> Steuer Nr.: 337/5903/0421 / UstID: DE 204607841
>
>
>
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
More information about the Freeradius-Users
mailing list