Unable to setup freeradius server to authenticate from Unix username/passwords
Mohit Aron
extproxy at gmail.com
Tue Feb 28 08:34:07 CET 2012
Hello,
I'm using the freeradius 2.10 server that comes with Ubuntu 11.10. I'm unable
to set it up so as to authenticate incoming requests from the Unix
username/passwords stored in /etc/{passwd, shadow}.
Here is a description of my setup. I've setup wifi security on my wireless
router to WPA-Enterprise and entered the IP address of the radius server in the
router to that of a Linux machine running freeradius.
Here's a description of all the changes I made to /etc/freeradius directory to
even reach the point to make it partially work:
1) chown -R freerad /etc/freeradius
The above is needed as Ubuntu seems to install every file there as root and
thus the freeradius server which runs as user freerad isn't able to read
the configuration files.
2) Modified /etc/freeradius/clients.conf to accept requests from my router's IP
address. Also added the shared key testing123 there - which is the same that
was put in the router while configuring it with a radius server.
3) Changed the 'group =' setting inside /etc/freeradius/radiusd.conf to make it
'shadow' to enable it to lookup /etc/shadow.
4) Uncommmented the keyword 'unix' in both
/etc/freeradius/sites-enabled/{inner-tunnel,default}
5) Modified /etc/default/freeradius to pass option '-X' to the freeradius
server.
I've tried using both Windows 7 as well as an iPad as a client to connect using
wifi. Each time, the freeradius server running on my Linux box denies the
requests. I should mention that a 'radtest' succeeds - so I'm entering the
username/passwd correctly. I'm attaching the output of the freeradius
server when iPad is used. In a separate email I'll also attach the
output from Windows 7 (to avoid going over the 100KB message limit in
this email).
Any help is appreciated.
- Mohit
-------------- next part --------------
A non-text attachment was scrubbed...
Name: iPad.out
Type: application/octet-stream
Size: 62481 bytes
Desc: not available
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20120227/0860894e/attachment.obj>
More information about the Freeradius-Users
mailing list