Hi, I can't do that the Cisco won't allow it through. Is pap the only way to use /etc/passwd? Thanks, On 8/16/07, Nicholas Hall <ngharo@gmail.com> wrote:
On 8/15/07, Kelly Ormsby <kelly7478@gmail.com> wrote:
Hi all,
I've installed freeradius 1.1.6 on Fedora core 2 (kernel 2.6.5-1.358) (I can't upgrade please don't go there). I did a basic configure/make/make install.
The only changes to the default configuration is adding an entry to the clients.conf file to allow requests from the Cisco VPN gateway. So far as I can tell CHAP and CHAPv2 should work straight out of the box (as per this page http://deployingradius.com/documents/configuration/auth_type.html).
I've tried to authenticate using a local /etc/passwd user, and I get the output posted below. Is the default configuration enough for it to consult the /etc/passwd files (I thought that is what "DEFAULT Auth-Type = System" did?) or is there something else I need to add. Can CHAP (or CHAPv2) use /etc/passwd? I'm a little confused about the differences and I'm sure thats not helping :)
I'd really rather not list the users individually in the users file, I'd like there to still only be one place to add users, so I'd like to use /etc/passwd file only. I apologise if there is documentation listed on this, I really feel that I've searched everywhere I can and no one seems to give real details.
CHAP requires a clear text password. Tell your client to use PAP. I believe it will work without any configuration on the server.
-- Nicholas Hall ngharo@gmail.com 262.208.6271 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-- Kelly Ormsby Senior Unix Systems Administrator Email: kelly7478@gmail.com Mobile: 0417 910 801