Freeradius 2.1.6: Store Cisco device "enable" password in Postgresql DB
Difan Zhao
difan.zhao at guest-tek.com
Tue May 4 21:01:53 CEST 2010
Hey guys,
This should be a quick one.
When I "enable" on a Cisco device, it sends a request with username "$enab15$".
rad_recv: Access-Request packet from host 172.17.254.100 port 1645, id=92, length=84
NAS-IP-Address = 172.17.254.100
NAS-Port = 1
NAS-Port-Type = Virtual
User-Name = "$enab15$"
Calling-Station-Id = "172.17.1.1"
User-Password = "password"
Service-Type = Administrative-User
I used to store the username and password in the "users" file and it was working fine:
$enab15$ Cleartext-Password := "password"
Now I am trying to move this user from the file to the postgresql DB and my "radcheck" table looks like:
radius=# select * from radcheck;
id | username | attribute | op | value
----+----------+--------------------+----+-----------
1 | $enab15$ | Cleartext-Password | := | password
And it doesn't work. Then I am checking the debug and I found that the "$" in the username was interpreted to something like "=24":
[sql] expand: SELECT id, UserName, Attribute, Value, Op FROM radcheck WHERE Username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, UserName, Attribute, Value, Op FROM radcheck WHERE Username = '=24enab15=24' ORDER BY id
Then I changed the username to this "=24enab15=24" and now it works.
I am just curious how freeradius or %{SQL-User-Name} treats special characters in "username"... Is there a way to treat them AS-IS?
Thank you!
Difan Zhao, M.Eng
Network Engineer
Guest-Tek Interactive Entertainment Inc.
www.guest-tek.com
Email: difan.zhao at guest-tek.com
Office: +1 (403) 509 1010 ext 3048
Cell: +1 (403) 689 7514
More information about the Freeradius-Users
mailing list