Regarding pam_radius_auth to be integrated with busybox

Deep Shah deep.shah at strixsystems.com
Mon Oct 29 14:24:23 CET 2012 

Hi,

I am trying to integrate linux-pam library and pam_radius_auth module to my
busybox 1.17.3 version. I want to login through radius server on the host
machine. I am using power pc as my board. I have configured the files of
configuration as below.

*client.conf* * (conf file)*
client 192.168.100.26 {
         secret          = testing123
}

*user (conf file)*
test Auth-Type := PAP, Cleartext-Password := "testpass"
          Reply-Message = "Hello, %{User-Name}, you have successfully
authenticated your login"

I am getting request on the server side but some error is coming on the
server of password mismatch. Please find the below log for the same.

rad_recv: Access-Request packet from host 192.168.100.26 port 2970, id=106,
length=69
    User-Name = "test"
    User-Password = "C\2758\330E\345RZ\3707\227\001\265[\202H"
    NAS-Identifier = "login"
    NAS-Port = 1945
    NAS-Port-Type = Virtual
    Service-Type = Authenticate-Only
# Executing section authorize from file
/usr/local/etc/raddb//sites-enabled/default
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
++[digest] returns noop
[suffix] No '@' in User-Name = "test", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] No EAP-Message, not doing EAP
++[eap] returns noop
[files] users: Matched entry test at line 54
[files]     expand: Hello, %{User-Name}, you have successfully
authenticated your login -> Hello, test, you have successfully
authenticated your login
++[files] returns ok
++[expiration] returns noop
++[logintime] returns noop
++[pap] returns updated
Found Auth-Type = PAP
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!    Replacing User-Password in config items with Cleartext-Password.
!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!! Please update your configuration so that the "known good"
!!!
!!! clear text password is in Cleartext-Password, and not in User-Password.
!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
# Executing group from file /usr/local/etc/raddb//sites-enabled/default
+- entering group PAP {...}
[pap] login attempt with password "C�8�E�RZ�7??�[?H"
[pap] Using clear text password "testpass"
[pap] Passwords don't match
++[pap] returns reject
Failed to authenticate the user.
  WARNING: Unprintable characters in the password.  Double-check the shared
secret on the server and the NAS!
Using Post-Auth-Type Reject
# Executing group from file /usr/local/etc/raddb//sites-enabled/default
+- entering group REJECT {...}
[attr_filter.access_reject]     expand: %{User-Name} -> test
attr_filter: Matched entry DEFAULT at line 11
++[attr_filter.access_reject] returns updated
Delaying reject of request 1 for 1 seconds
Going to the next request
Waking up in 0.9 seconds.
Sending delayed reject for request 1
Sending Access-Reject of id 106 to 192.168.100.26 port 2970
    Reply-Message = "Hello, test, you have successfully authenticated your
login"
Waking up in 4.9 seconds.
Cleaning up request 1 ID 106 with timestamp +37
Ready to process requests.

Can you please suggest what might be the issue is? I am getting password as
not readable string when I have used the correct password in radius client
and radius server.

Regards,
Deep
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20121029/bd3df284/attachment.html>

More information about the Freeradius-Users mailing list