Issues with special character 'ß' in password?

Rudolf Mayer rmayer at
Mon May 2 19:15:24 CEST 2016

Hi All!

I tried to find information on this on the web, but didn't succeed.

I am using freeradius, which is using PAM to talk to an LDAP, together 
with a Cisco ASA, and all works fine, except that I have a few users 
that use a 'ß' in their password (ß is a special German character, 
similar to an s).

It seems that somewhere along the lines the characters get scrambled.

*) Trying with the Cisco ASA radius test client, I see in the freeradius 
logs things like

Auth: Login incorrect: [blabla/D$D4?p?591924] (from client xxx port y)

(the ? where initially ß)

*) And with the radtest tool:

radtest blabla 'ßß' secret
Auth: Login incorrect: [blabla/<C3>?<C3>?] (from client xxx port 18120)

Is there any specific restriction on characters that are allowed? ß is 
part of the ISO/IEC 8859-1, so it doesn't actually require unicode or 
the likes.

I would also rule out any issues with my LDAP backend, as the passwords 
work fine when doing authentication directly via LDAP PAM, and via 
various other applications using an Apache module.

Any hint would be welcome!


More information about the Freeradius-Users mailing list