Unable to Authenticate with SHA Password

Alan DeKok aland at deployingradius.com
Mon Sep 12 17:15:56 CEST 2011


Rajkumar balaji wrote:
> Hi All,
> 
> I am unable to authenticate the When I send SHA password to the FreeRADIUS.
> 
> I have configured SHA-Password := "admin123" in the users file.

  That's not a SHA password.  It's a clear-text password.


> My Password is admin123 and after SHA messagedigest its
> -50-2710713-59-76-1105593-48-89-126-957495-4-108-29-81-48

  I have no idea what that is.  SHA returns a hex string.

> RADIUS is getting the request but its rejecting it.
> 
> Please find the following radius logs,
> 
> rad_recv: Access-Request packet from host 172.17.148.152 port 50459, id=0,
> length=111
>         User-Name = "emsadmin"
>         User-Password =
> "-50-2710713-59-76-1105593-48-89-126-957495-4-108-29-81-48"

  Huh?  You have this all completely backwards.

  Give the clear-text password to "radclient".  It should show up in the
debug output as  User-Password = "admin123".

  Put the hex version of the SHA has into the "users" file, as:

emsadmin	SHA-Password := 0x123456789abcdef....

  It WILL work.

  Alan DeKok.





More information about the Freeradius-Users mailing list