Hello!
I'm totally new in Linux, as well as in freeradius...
I've installed version 2.1.8 in Linuxmint 7.
I think everything in installation went ok... I succeed doing:
$ radtest user password 127.0.0.1 10 testing123
with user/password the ones that I use to login in my computer. I get a response Access-Accept
(I had some problems here because I wasn't able to get an accept using localhost instead of 127.0.0.1 ...)
I'm now in the next step.
I want to change the secret in clients.conf, so I made the change:
#secret = testing123
secret = abracadabra
I stopped radiusd and started again.
$ radtest user password 127.0.0.1 10 abracadabra
doesn't work any more... and I don't understand why... because I'm using the same word.
rad_recv: Access-Reject packet from host 127.0.0.1 port 1812, id=146, length=20
rad_verify: Received Access-Reject packet from client 127.0.0.1 port 1812 with invalid signature (err=2)! (Shared secret is incorrect.)
I get this log:
rad_recv: Access-Request packet from host 127.0.0.1 port 34217, id=146, length=60
User-Name = "mjimenez"
User-Password = "\353\036\355h\203l\217\362\252\003\203P\270\223\342\231"
NAS-IP-Address = 127.0.1.1
NAS-Port = 10
Sat Mar 27 18:59:31 2010 : Info: +- entering group authorize {...}
Sat Mar 27 18:59:31 2010 : Info: ++[preprocess] returns ok
Sat Mar 27 18:59:31 2010 : Info: ++[chap] returns noop
Sat Mar 27 18:59:31 2010 : Info: ++[mschap] returns noop
Sat Mar 27 18:59:31 2010 : Info: [suffix] No '@' in User-Name = "mjimenez", looking up realm NULL
Sat Mar 27 18:59:31 2010 : Info: [suffix] No such realm "NULL"
Sat Mar 27 18:59:31 2010 : Info: ++[suffix] returns noop
Sat Mar 27 18:59:31 2010 : Info: [eap] No EAP-Message, not doing EAP
Sat Mar 27 18:59:31 2010 : Info: ++[eap] returns noop
Sat Mar 27 18:59:31 2010 : Info: ++[unix] returns updated
Sat Mar 27 18:59:31 2010 : Info: ++[files] returns noop
Sat Mar 27 18:59:31 2010 : Info: ++[expiration] returns noop
Sat Mar 27 18:59:31 2010 : Info: ++[logintime] returns noop
Sat Mar 27 18:59:31 2010 : Info: ++[pap] returns updated
Sat Mar 27 18:59:31 2010 : Info: Found Auth-Type = PAP
Sat Mar 27 18:59:31 2010 : Info: +- entering group PAP {...}
Sat Mar 27 18:59:31 2010 : Info: [pap] login attempt with password "�?�h?l?��??P�?�?"
Sat Mar 27 18:59:31 2010 : Info: [pap] Using CRYPT encryption.
Sat Mar 27 18:59:31 2010 : Info: [pap] Passwords don't match
Sat Mar 27 18:59:31 2010 : Info: ++[pap] returns reject
Sat Mar 27 18:59:31 2010 : Info: Failed to authenticate the user.
Sat Mar 27 18:59:31 2010 : Debug: WARNING: Unprintable characters in the password. Double-check the shared secret on the server and the NAS!
Sat Mar 27 18:59:31 2010 : Info: Using Post-Auth-Type Reject
Sat Mar 27 18:59:31 2010 : Info: +- entering group REJECT {...}
Sat Mar 27 18:59:31 2010 : Info: [attr_filter.access_reject] expand: %{User-Name} -> mjimenez
Sat Mar 27 18:59:31 2010 : Debug: attr_filter: Matched entry DEFAULT at line 11
Sat Mar 27 18:59:31 2010 : Info: ++[attr_filter.access_reject] returns updated
Sat Mar 27 18:59:31 2010 : Info: Delaying reject of request 0 for 1 seconds
Sat Mar 27 18:59:31 2010 : Debug: Going to the next request
Sat Mar 27 18:59:31 2010 : Debug: Waking up in 0.9 seconds.
Sat Mar 27 18:59:32 2010 : Info: Sending delayed reject for request 0
Sending Access-Reject of id 146 to 127.0.0.1 port 34217
Sat Mar 27 18:59:32 2010 : Debug: Waking up in 4.9 seconds.
Sat Mar 27 18:59:37 2010 : Info: Cleaning up request 0 ID 146 with timestamp +9
When I had testing123 as secret, in User-Password I could see "my real password" and not "\353\036\355h\203l\217\362\252\00..."
I have checked I have this line in radiusd.conf :
$INCLUDE clients.conf
Maybe is a stupid question and I've to change something more in another conf file. I've not started configuring my NAS yet... I was trying to configure radius first and checking with radtest step by step.
Thank you in advance for any help you can give me,
Marta