Mac Auth with MySQL
Fazal Ahmed Malik
fam at sky.net.pk
Wed Mar 17 16:16:17 CET 2010
Hi,
I also tried MAC based authentication. Users can logged in successfully but
if some others users know the MAC he can also connect. How to check MAC
against CLI. Any help
Best regards,
Fazal
----- Original Message -----
From: "Teguh Kurniawan" <teguhkurniawanwijaya at gmail.com>
To: "FreeRadius users mailing list" <freeradius-users at lists.freeradius.org>
Sent: Tuesday, March 16, 2010 1:52 AM
Subject: Re: Mac Auth with MySQL
> On Tue, Mar 16, 2010 at 2:33 AM, Alan Buxey <A.L.M.Buxey at lboro.ac.uk>
> wrote:
>> Hi,
>>
>>> I'll try to make Mac Authentication with MySQL backend. But I always
>>> rejected.
>>> Mac Authentication only works if I add like the following lines into
>>> the /etc/raddb/users.
>>
>>
>>> 90:4 C: E5: 6C: 7E: B6 Auth-Type: = Accept
>>>
>>> I use OpenBSD 4.6, FreeRadius 2.1.3 and MySQL 5.0.83.
>>> What should I do, to make it work with MySQL ?
>>
>>
>> very easy. just set the username to the MAC address and set the value of
>> the
>> clear text password to be the MAC address to. i dont know WHY you've set
>> the
>> value to 'testpwd' - when you use MAC authentication, then the password
>> is the MAC. ie
>>
>>> Database changed
>>> mysql> select * from radcheck;
>>> +----+-------------------+-----------+----+---------+
>>> | id | username | attribute | op | value |
>>> +----+-------------------+-----------+----+---------+
>>> | 2 | 90:4C:E5:6C:7E:B6 | Password | == | testpwd |
>>> +----+-------------------+-----------+----+---------+
>>
>>
>> nope. use this
>>
>> id username attribute op value
>> 10 90:4C:E5:6C:7E:B6 Cleartext-Password := 90:4C:E5:6C:7E:B6
>>
>>> Tue Mar 16 00:40:41 2010 : Debug: WARNING: Are you sure you don't mean
>>> Cleartext-Password?
>>
>> see that hint?
>>
>> if your kit doesnt transmit the correct details in the RADIUS - ie it
>> doesnt
>> transmit the MAC as the password, then you'll have to set the Accept..but
>> that
>> can also be done in the SQL! eg
>>
>> id username attribute op value
>> 11 90:4C:E5:6C:7E:B6 Auth-Type := Accept
>
> it work's. Thank's
>
>> alan
>> -
>> List info/subscribe/unsubscribe? See
>> http://www.freeradius.org/list/users.html
>>
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
More information about the Freeradius-Users
mailing list