Radius + PostgreSQL + MD5 Passwords
Phillip Smith
fukawi2 at gmail.com
Mon Feb 8 00:28:39 CET 2010
On 5 February 2010 18:34, Alan DeKok <aland at deployingradius.com> wrote:
>> 3) Any pointers in the right direction to how to achieve what I am after?
>
> See "man rlm_pap". You can use the "auto-header" thing, or just use
> MD5-Password directly:
>
> # "users" file entry:
> bob MD5-Password := 0x12345...
> #
Thanks for your reply Alan :)
This is where I'm stuck at the moment:
rlm_sql_postgresql: affected rows =
radius_xlat: 'SELECT radgroupreply.id, radgroupreply.GroupName,
radgroupreply.Attribute, ??radgroupreply.Value, radgroupreply.Op
??FROM radgroupreply,usergroup ??WHERE usergroup.Username = 'frank'
AND usergroup.GroupName = radgroupreply.GroupName ??ORDER BY
radgroupreply.id'
rlm_sql_postgresql: query: SELECT radgroupreply.id,
radgroupreply.GroupName, radgroupreply.Attribute,
??radgroupreply.Value, radgroupreply.Op ??FROM radgroupreply,usergroup
??WHERE usergroup.Username = 'frank' AND usergroup.GroupName =
radgroupreply.GroupName ??ORDER BY radgroupreply.id
rlm_sql_postgresql: Status: PGRES_TUPLES_OK
rlm_sql_postgresql: affected rows =
rlm_sql (sql): Released sql socket id: 4
modcall[authorize]: module "sql" returns ok for request 0
modcall: leaving group authorize (returns ok) for request 0
auth: No authenticate method (Auth-Type) configuration found for the
request: Rejecting the user
auth: Failed to validate the user.
The data in my SQL database:
radius=> SELECT * FROM radcheck;
id | username | attribute | op | value
----+----------+--------------+----+----------------------------------
0 | frank | MD5-Password | := | aaabf0d39951f3e6c3e8a7911df524c2
(1 row)
My radiusd.conf file is here: http://www.pastebin.ca/1789575
(Sorry, not sure about the accepted practise for sharing such a large
file on this list)
I forgot to mention in my first post that this is
freeradius-1.1.3-1.5.el5_4 on CentOS 5.4. Do I need 2.1.8 for this MD5
stuff to work? I'd prefer to be able to use the distro's packages, but
if I have to compile it to make it work then I don't really have a
choice ;-)
More information about the Freeradius-Users
mailing list