Simple Configuration of using passwd-like file, howto needed

Thu Jul 8 15:02:48 CEST 2010

Hello All freeradius users

I have been trying to get my freeradius to do authentication against a passwd-like file using the passwd module.

I'm running FreeRadius 2.1.8 on a Debian 4.0 Server used lenny-backports for the installation.

My specific configuration to get this working looks like this

Passwd module file
        filename = /etc/tac-plus/passwd
        format = *User-Name:User-Password
        hashsize = 0
        delimiter = :
        authtype = pap

the password file looks like this /etc/tac-plus/passwd
jmd:TLw0SiK4QfQxg:159:20::/home/jmd:/bin/bash

users file
DEFAULT         NAS-IP-Address == 172.31.254.4
                Cisco-AVPair += 'Wireless-WCS:role0=SuperUsers',
                Cisco-AVPair += 'Wireless-WCS:task0=Users and Groups',
                Cisco-AVPair += 'Wireless-WCS:task1=Audit Trails',

There is no problem in stating the freeradius server

The debug output look like this when I try to do an authentication using radtest command
rad_recv: Access-Request packet from host 127.0.0.1 port 40466, id=179, length=55
        User-Name = "jmd"
        User-Password = "password"
        NAS-IP-Address = 172.31.254.4
        NAS-Port = 0
Thu Jul  8 15:02:10 2010 : Info: +- entering group authorize {...}
Thu Jul  8 15:02:10 2010 : Info: ++[preprocess] returns ok
Thu Jul  8 15:02:10 2010 : Info: ++[chap] returns noop
Thu Jul  8 15:02:10 2010 : Info: ++[mschap] returns noop
Thu Jul  8 15:02:10 2010 : Info: [suffix] No '@' in User-Name = "jmd", looking up realm NULL
Thu Jul  8 15:02:10 2010 : Info: [suffix] No such realm "NULL"
Thu Jul  8 15:02:10 2010 : Info: ++[suffix] returns noop
Thu Jul  8 15:02:10 2010 : Info: [eap] No EAP-Message, not doing EAP
Thu Jul  8 15:02:10 2010 : Info: ++[eap] returns noop
Thu Jul  8 15:02:10 2010 : Info: [files] users: Matched entry DEFAULT at line 49
Thu Jul  8 15:02:10 2010 : Info: ++[files] returns ok
Thu Jul  8 15:02:10 2010 : Info: ++[expiration] returns noop
Thu Jul  8 15:02:10 2010 : Info: ++[logintime] returns noop
Thu Jul  8 15:02:10 2010 : Info: [pap] WARNING! No "known good" password found for the user.  Authentication may fail because of this.
Thu Jul  8 15:02:10 2010 : Info: ++[pap] returns noop
Thu Jul  8 15:02:10 2010 : Info: No authenticate method (Auth-Type) configuration found for the request: Rejecting the user
Thu Jul  8 15:02:10 2010 : Info: Failed to authenticate the user.
Thu Jul  8 15:02:10 2010 : Info: Using Post-Auth-Type Reject
Thu Jul  8 15:02:10 2010 : Info: +- entering group REJECT {...}
Thu Jul  8 15:02:10 2010 : Info: [attr_filter.access_reject]    expand: %{User-Name} -> jmd
Thu Jul  8 15:02:10 2010 : Debug:  attr_filter: Matched entry DEFAULT at line 11
Thu Jul  8 15:02:10 2010 : Info: ++[attr_filter.access_reject] returns updated
Thu Jul  8 15:02:10 2010 : Info: Delaying reject of request 19 for 1 seconds
Thu Jul  8 15:02:10 2010 : Debug: Going to the next request
Thu Jul  8 15:02:10 2010 : Debug: Waking up in 0.9 seconds.
Thu Jul  8 15:02:11 2010 : Info: Sending delayed reject for request 19
Sending Access-Reject of id 179 to 127.0.0.1 port 40466
Thu Jul  8 15:02:11 2010 : Debug: Waking up in 4.9 seconds.

Radtest command:
radtest jmd password localhost 0 secret

I have no clue of what I'm doing wrong !!
Please help me
Best regards
Jan Madsen
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20100708/14a2993b/attachment.html>