3.0.0: slightly confusing mods-config/files/authorize "John Doe"
Stefan Winter
stefan.winter at restena.lu
Wed Oct 16 09:25:51 CEST 2013
Hi,
as every year, I'm unleashing the most current version of FreeRADIUS on
my unsuspecting students, to see if they find their way around.
This year it was 3.0.0 (yesterday, nice timing!) and there was one
unfortunate thing.
3.0.0 by default enables "files" for flatfile username and password
storage, which is good.
In mods-config/files/authorize, the first "normal" entry (not Reject,
proper cleartext-password, not a DEFAULT entry, only a single harmless
reply item) is the example of "John Doe".
In 2.x.x, I used to tell folks that the John Doe entry is the example to
uncomment and test auth against.
With the shipped default config of 3.0.0 though, John Doe will be
rejected even if his password is correct - the "filter_username" will
block the user before he even gets to password checking.
IMHO, the mods-config/files/authorize should either
a) contain a "normal" user higher up, so that it springs to mind as "the
thing to do". E.g. a johndoe instead of/before a "John Doe"
b) the comments before "John Doe" should explain that for this example
to work, filter_username needs to be disabled.
Greetings,
Stefan Winter
--
Stefan WINTER
Ingenieur de Recherche
Fondation RESTENA - Réseau Téléinformatique de l'Education Nationale et
de la Recherche
6, rue Richard Coudenhove-Kalergi
L-1359 Luxembourg
Tel: +352 424409 1
Fax: +352 422473
PGP key updated to 4096 Bit RSA - I will encrypt all mails if the
recipient's key is known to me
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xC0DE6A358A39DC66
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0x8A39DC66.asc
Type: application/pgp-keys
Size: 3243 bytes
Desc: not available
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20131016/c5159220/attachment.key>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 901 bytes
Desc: OpenPGP digital signature
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20131016/c5159220/attachment.pgp>
More information about the Freeradius-Users
mailing list