Hi Alan, To give some more debug, the below print is what I am getting on client side. Can you please look in to it? "pam_radius_auth: packet from RADIUS server 192.168.100.19 fails verification: The shared secret is probably incorrect." Regards, Deep On Mon, Oct 29, 2012 at 6:54 PM, Deep Shah <deep.shah@strixsystems.com>wrote:
Hi,
I am trying to integrate linux-pam library and pam_radius_auth module to my busybox 1.17.3 version. I want to login through radius server on the host machine. I am using power pc as my board. I have configured the files of configuration as below.
*client.conf* * (conf file)* client 192.168.100.26 { secret = testing123 }
*user (conf file)*
test Auth-Type := PAP, Cleartext-Password := "testpass" Reply-Message = "Hello, %{User-Name}, you have successfully authenticated your login"
I am getting request on the server side but some error is coming on the server of password mismatch. Please find the below log for the same.
rad_recv: Access-Request packet from host 192.168.100.26 port 2970, id=106, length=69 User-Name = "test" User-Password = "C\2758\330E\345RZ\3707\227\001\265[\202H" NAS-Identifier = "login" NAS-Port = 1945 NAS-Port-Type = Virtual Service-Type = Authenticate-Only # Executing section authorize from file /usr/local/etc/raddb//sites-enabled/default +- entering group authorize {...} ++[preprocess] returns ok ++[chap] returns noop ++[mschap] returns noop ++[digest] returns noop [suffix] No '@' in User-Name = "test", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] returns noop [eap] No EAP-Message, not doing EAP ++[eap] returns noop [files] users: Matched entry test at line 54 [files] expand: Hello, %{User-Name}, you have successfully authenticated your login -> Hello, test, you have successfully authenticated your login ++[files] returns ok ++[expiration] returns noop ++[logintime] returns noop ++[pap] returns updated Found Auth-Type = PAP
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!! Replacing User-Password in config items with Cleartext-Password. !!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!! Please update your configuration so that the "known good" !!! !!! clear text password is in Cleartext-Password, and not in User-Password. !!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! # Executing group from file /usr/local/etc/raddb//sites-enabled/default +- entering group PAP {...} [pap] login attempt with password "C�8�E�RZ�7??�[?H" [pap] Using clear text password "testpass" [pap] Passwords don't match ++[pap] returns reject Failed to authenticate the user. WARNING: Unprintable characters in the password. Double-check the shared secret on the server and the NAS! Using Post-Auth-Type Reject # Executing group from file /usr/local/etc/raddb//sites-enabled/default +- entering group REJECT {...} [attr_filter.access_reject] expand: %{User-Name} -> test attr_filter: Matched entry DEFAULT at line 11 ++[attr_filter.access_reject] returns updated Delaying reject of request 1 for 1 seconds Going to the next request Waking up in 0.9 seconds. Sending delayed reject for request 1 Sending Access-Reject of id 106 to 192.168.100.26 port 2970 Reply-Message = "Hello, test, you have successfully authenticated your login" Waking up in 4.9 seconds. Cleaning up request 1 ID 106 with timestamp +37 Ready to process requests.
Can you please suggest what might be the issue is? I am getting password as not readable string when I have used the correct password in radius client and radius server.
Regards, Deep