<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=us-ascii">
<TITLE>Message</TITLE>
<META content="MSHTML 6.00.2900.2873" name=GENERATOR></HEAD>
<BODY>
<DIV><FONT face=Tahoma size=2><SPAN class=512530219-04052006>Hi
all,</SPAN></FONT></DIV>
<DIV><FONT face=Tahoma size=2><SPAN
class=512530219-04052006></SPAN></FONT> </DIV>
<DIV><FONT face=Tahoma size=2><SPAN class=512530219-04052006>I've been trying to
encrypt the passwords in mySQL using SHA1 or MD5 without any luck for the last
several days.</SPAN></FONT></DIV>
<DIV><FONT face=Tahoma size=2><SPAN
class=512530219-04052006></SPAN></FONT> </DIV>
<DIV><FONT face=Tahoma size=2><SPAN class=512530219-04052006>First let me tell
you a bit about our system:</SPAN></FONT></DIV>
<DIV><FONT face=Tahoma size=2></FONT> </DIV>
<DIV><SPAN class=512530219-04052006><FONT face=Tahoma size=2>RedHat ES
4</FONT></SPAN></DIV>
<DIV><FONT face=Tahoma size=2>freeradius-1.0.1-2.RHEL4</FONT></DIV>
<DIV><FONT face=Tahoma size=2>freeradius-mysql-1.0.1-2.RHEL4</FONT></DIV>
<DIV><FONT face=Tahoma
size=2>mysql-server-4.1.7-4.RHEL4.1<BR>mysql-4.1.7-4.RHEL4.1</FONT></DIV>
<DIV><FONT face=Tahoma size=2></FONT> </DIV>
<DIV><SPAN class=512530219-04052006><FONT face=Tahoma size=2>Everything works
fine with clear text passwords and if I use Unix Crypt.</FONT></SPAN></DIV>
<DIV><SPAN class=512530219-04052006><FONT face=Tahoma
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=512530219-04052006><FONT face=Tahoma size=2>This is the config
that works with Unix Crypt:</FONT></SPAN></DIV>
<DIV><SPAN class=512530219-04052006><FONT face=Tahoma
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=512530219-04052006><FONT face=Tahoma
size=2>radcheck</FONT></SPAN></DIV>
<DIV><SPAN class=512530219-04052006><FONT face=Tahoma
size=2>+-----+------------+---------------+----+----------------------------------------------------------+<BR>|
id | UserName | Attribute | op |
Value
|<BR>+-----+------------+---------------+----+----------------------------------------------------------+<BR>|
844 | bogdan | Crypt-Password | == | <FONT face="Times New Roman"
size=3>55MCU5TXMoKsA</FONT>
|<BR>+-----+------------+---------------+----+----------------------------------------------------------+</FONT></SPAN></DIV>
<DIV><SPAN class=512530219-04052006><FONT face=Tahoma
size=2>usergroup</FONT></SPAN></DIV>
<DIV><SPAN class=512530219-04052006><FONT face=Tahoma
size=2>+-----+------------+-------------+<BR>| id | UserName |
GroupName |<BR>+-----+------------+-------------+<BR>| 844
| bogdan | adsl-static
|<BR>+-----+------------+-------------+</FONT></SPAN></DIV>
<DIV><SPAN class=512530219-04052006><FONT face=Tahoma
size=2>radgroupcheck</FONT></SPAN></DIV>
<DIV><SPAN class=512530219-04052006><FONT face=Tahoma
size=2>+----+-------------+-----------+----+-------+<BR>| id |
GroupName | Attribute | op | Value
|<BR>+----+-------------+-----------+----+-------+<BR>| 1 |
adsl | Auth-Type | := |
PAP |<BR>| 2 | adsl-static | Auth-Type | := | PAP
|</FONT></SPAN></DIV>
<DIV><SPAN class=512530219-04052006><FONT face=Tahoma
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=512530219-04052006><FONT face=Tahoma
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=512530219-04052006><FONT face=Tahoma
size=2>radius.conf</FONT></SPAN></DIV>
<DIV><SPAN class=512530219-04052006><FONT face=Tahoma
size=2>-------------</FONT></SPAN></DIV>
<DIV><SPAN class=512530219-04052006><FONT face=Tahoma
size=2>...........................</FONT></SPAN></DIV>
<DIV><SPAN class=512530219-04052006><FONT face=Tahoma
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=512530219-04052006><FONT face=Tahoma size=2>modules
{</FONT></SPAN></DIV>
<DIV><SPAN class=512530219-04052006><FONT face=Tahoma
size=2>..................</FONT></SPAN></DIV>
<DIV><SPAN class=512530219-04052006><FONT face=Tahoma
size=2> pap
{<BR>
encryption_scheme = crypt<BR>
}</FONT></SPAN></DIV>
<DIV><SPAN class=512530219-04052006><FONT face=Tahoma
size=2>....................</FONT></SPAN></DIV>
<DIV><SPAN class=512530219-04052006><FONT face=Tahoma
size=2>}</FONT></SPAN></DIV>
<DIV><SPAN class=512530219-04052006><FONT face=Tahoma
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=512530219-04052006><FONT face=Tahoma size=2>authenticate
{</FONT></SPAN></DIV>
<DIV><SPAN class=512530219-04052006><FONT face=Tahoma
size=2>..............<BR> Auth-Type
PAP
{<BR>
pap<BR> }</FONT></SPAN></DIV>
<DIV><SPAN class=512530219-04052006><FONT face=Tahoma
size=2>...............</FONT></SPAN></DIV>
<DIV><SPAN class=512530219-04052006><FONT face=Tahoma
size=2>}</FONT></SPAN></DIV>
<DIV><SPAN class=512530219-04052006><FONT face=Tahoma
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=512530219-04052006><FONT face=Tahoma
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=512530219-04052006><FONT face=Tahoma size=2>This works perfect
!</FONT></SPAN></DIV>
<DIV><SPAN class=512530219-04052006><FONT face=Tahoma
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=512530219-04052006><FONT face=Tahoma size=2>now I want to use
MD5 or SHA1 so I change:</FONT></SPAN></DIV>
<DIV><SPAN class=512530219-04052006><FONT face=Tahoma
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=512530219-04052006><FONT face=Tahoma size=2>
<DIV><SPAN class=512530219-04052006><FONT face=Tahoma
size=2> pap
{<BR>
encryption_scheme = sha1 (or
md5)<BR> }</FONT></SPAN></DIV>
<DIV><SPAN class=512530219-04052006></SPAN> </DIV>
<DIV><SPAN class=512530219-04052006>and this is what I get in /usr/sbin/radiusd
-X</SPAN></DIV>
<DIV><SPAN class=512530219-04052006></SPAN> </DIV>
<DIV><SPAN class=512530219-04052006></SPAN> </DIV>
<DIV><SPAN class=512530219-04052006> modcall[authorize]: module "sql"
returns ok for request 0<BR>modcall: group authorize returns ok for request
0<BR> rad_check_password: Found Auth-Type PAP<BR>auth: type
"PAP"<BR> Processing the authenticate section of radiusd.conf<BR>modcall:
entering group Auth-Type for request 0<BR>rlm_pap: login attempt by "shipcoadsl"
with password test<BR>rlm_pap: Crypt-Password attribute but encryption scheme is
not set to CRYPT<BR> modcall[authenticate]: module "pap" returns fail for
request 0<BR>modcall: group Auth-Type returns fail for request 0</SPAN></DIV>
<DIV><SPAN class=512530219-04052006></SPAN> </DIV>
<DIV><SPAN class=512530219-04052006>if I change:</SPAN></DIV>
<DIV><SPAN class=512530219-04052006></SPAN> </DIV>
<DIV><SPAN class=512530219-04052006><SPAN class=512530219-04052006><FONT
face=Tahoma
size=2>+-----+------------+---------------+----+----------------------------------------------------------+<BR>|
id | UserName | Attribute | op |
Value
|<BR>+-----+------------+---------------+----+----------------------------------------------------------+<BR>|
844 | bogdan | Crypt-Password | == | {<FONT face="Times New Roman"
size=3>md5}
password</FONT> |<BR>+-----+------------+---------------+----+----------------------------------------------------------+</FONT></SPAN></SPAN></DIV>
<DIV><SPAN class=512530219-04052006><SPAN
class=512530219-04052006></SPAN></SPAN> </DIV>
<DIV><SPAN class=512530219-04052006><SPAN
class=512530219-04052006>to:</SPAN></SPAN></DIV>
<DIV><SPAN class=512530219-04052006><SPAN
class=512530219-04052006></SPAN></SPAN> </DIV>
<DIV><SPAN class=512530219-04052006><SPAN class=512530219-04052006><SPAN
class=512530219-04052006><FONT face=Tahoma
size=2>+-----+------------+---------------+----+----------------------------------------------------------+<BR>|
id | UserName | Attribute | op |
Value
|<BR>+-----+------------+---------------+----+----------------------------------------------------------+<BR>|
844 | bogdan | User-Password | == | <FONT face="Times New Roman"
size=3><FONT face=Tahoma size=2>{</FONT><FONT face="Times New Roman" size=3>md5}
password</FONT></FONT>
|<BR>+-----+------------+---------------+----+----------------------------------------------------------+</FONT></SPAN></SPAN></SPAN></DIV>
<DIV><SPAN class=512530219-04052006><SPAN
class=512530219-04052006></SPAN></SPAN> </DIV>
<DIV><SPAN class=512530219-04052006><SPAN class=512530219-04052006>and this is
what I get:</SPAN></SPAN></DIV>
<DIV><SPAN class=512530219-04052006><SPAN
class=512530219-04052006></SPAN></SPAN> </DIV>
<DIV><SPAN class=512530219-04052006>rlm_sql (sql): No matching entry in the
database for request from user [shipcoadsl]<BR>rlm_sql (sql): Released sql
socket id: 4<BR> modcall[authorize]: module "sql" returns notfound for
request 0<BR>modcall: group authorize returns ok for request 0<BR>auth: No
authenticate method (Auth-Type) configuration found for the request: Rejecting
the user<BR>auth: Failed to validate the user.<BR>Login incorrect:
[shipcoadsl/test] (from client TestNAS2 port 0)</SPAN></DIV>
<DIV><SPAN class=512530219-04052006></SPAN> </DIV>
<DIV><SPAN class=512530219-04052006></SPAN> </DIV>
<DIV><SPAN class=512530219-04052006>I also tried changing:</SPAN></DIV>
<DIV><SPAN class=512530219-04052006></SPAN> </DIV>
<DIV><SPAN class=512530219-04052006>
<DIV><SPAN class=512530219-04052006><FONT face=Tahoma
size=2>radgroupcheck</FONT></SPAN></DIV>
<DIV><SPAN class=512530219-04052006><FONT face=Tahoma
size=2>+----+-------------+-----------+----+-------+<BR>| id |
GroupName | Attribute | op | Value
|<BR>+----+-------------+-----------+----+-------+<BR>| 1 |
adsl | Auth-Type | := |
PAP |<BR></FONT></SPAN></DIV>
<DIV><SPAN class=512530219-04052006><FONT face=Tahoma
size=2>to:</FONT></SPAN></DIV>
<DIV><SPAN class=512530219-04052006><FONT face=Tahoma
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=512530219-04052006><FONT face=Tahoma size=2>
<DIV><SPAN class=512530219-04052006><FONT face=Tahoma
size=2>radgroupcheck</FONT></SPAN></DIV>
<DIV><SPAN class=512530219-04052006><FONT face=Tahoma
size=2>+----+-------------+-----------+----+-------+<BR>| id |
GroupName | Attribute | op | Value
|<BR>+----+-------------+-----------+----+-------+<BR>| 1 |
adsl | Auth-Type | :=
| MD5 |</FONT></SPAN></DIV><SPAN class=512530219-04052006><FONT
face=Tahoma size=2></FONT></SPAN></FONT></SPAN></DIV><SPAN
class=512530219-04052006><FONT face=Tahoma size=2><SPAN
class=512530219-04052006><FONT face=Tahoma
size=2></FONT></SPAN></FONT></SPAN></SPAN></DIV><SPAN
class=512530219-04052006><SPAN class=512530219-04052006><FONT face=Tahoma
size=2><SPAN class=512530219-04052006><FONT face=Tahoma
size=2></FONT></SPAN></FONT></SPAN></SPAN></FONT></SPAN></DIV>
<DIV><SPAN class=512530219-04052006><FONT face=Tahoma size=2><SPAN
class=512530219-04052006><SPAN class=512530219-04052006><FONT face=Tahoma
size=2><SPAN class=512530219-04052006><FONT face=Tahoma
size=2></FONT></SPAN></FONT></SPAN></SPAN></FONT></SPAN> </DIV>
<DIV><SPAN class=512530219-04052006><FONT face=Tahoma size=2><SPAN
class=512530219-04052006><SPAN class=512530219-04052006><FONT face=Tahoma
size=2><SPAN class=512530219-04052006><FONT face=Tahoma
size=2></FONT></SPAN></FONT></SPAN></SPAN></FONT></SPAN> </DIV>
<DIV><SPAN class=512530219-04052006><FONT face=Tahoma size=2><SPAN
class=512530219-04052006><SPAN class=512530219-04052006><FONT face=Tahoma
size=2><SPAN class=512530219-04052006><FONT face=Tahoma size=2>then
add:</FONT></SPAN></FONT></SPAN></SPAN></FONT></SPAN></DIV>
<DIV><SPAN class=512530219-04052006><FONT face=Tahoma size=2><SPAN
class=512530219-04052006><SPAN class=512530219-04052006><FONT face=Tahoma
size=2><SPAN class=512530219-04052006><FONT face=Tahoma
size=2></FONT></SPAN></FONT></SPAN></SPAN></FONT></SPAN> </DIV>
<DIV><SPAN class=512530219-04052006><FONT face=Tahoma size=2><SPAN
class=512530219-04052006><SPAN class=512530219-04052006><FONT face=Tahoma
size=2><SPAN class=512530219-04052006><FONT face=Tahoma size=2>
<DIV><SPAN class=512530219-04052006><FONT face=Tahoma size=2>authenticate
{</FONT></SPAN></DIV>
<DIV><SPAN class=512530219-04052006><FONT face=Tahoma
size=2>..............<BR>
Auth-Type MD5
{<BR>
pap<BR> }</FONT></SPAN></DIV>
<DIV><SPAN class=512530219-04052006><FONT face=Tahoma
size=2>...............</FONT></SPAN></DIV>
<DIV><SPAN class=512530219-04052006><FONT face=Tahoma
size=2>}</FONT></SPAN></DIV></DIV>
<DIV><BR></DIV></FONT></SPAN></FONT></SPAN></SPAN>
<DIV><SPAN class=512530219-04052006>an I got exactly the same answer as
before!</SPAN></DIV>
<DIV><SPAN class=512530219-04052006></SPAN> </DIV>
<DIV><SPAN class=512530219-04052006></SPAN> </DIV>
<DIV><SPAN class=512530219-04052006>Tried adding to the
radgroupreply:</SPAN></DIV>
<DIV><SPAN class=512530219-04052006></SPAN> </DIV>
<DIV><SPAN class=512530219-04052006>| 26 | adsl-static |
Auth-Type | := |
PAP
| 0 |<BR></DIV></SPAN>
<DIV><SPAN class=512530219-04052006>but still no luck!</SPAN></DIV>
<DIV><SPAN class=512530219-04052006></SPAN> </DIV>
<DIV><SPAN class=512530219-04052006>Is this a bug? What am I
missing?</SPAN></DIV>
<DIV><SPAN class=512530219-04052006></SPAN> </DIV>
<DIV><SPAN class=512530219-04052006></SPAN><SPAN class=512530219-04052006>Your
help will be greatly appreciated!</SPAN></DIV>
<DIV><SPAN class=512530219-04052006></SPAN> </DIV>
<DIV><SPAN class=512530219-04052006>Thanks,</SPAN></DIV>
<DIV><SPAN
class=512530219-04052006>Bogdan.</SPAN></DIV></FONT></SPAN></BODY></HTML>