I am trying to configure a linux machine (Ubuntu 8.04 alpha, 32 bit) with radius authentication using libpam-radius-auth. I installed freeradius-2.0.3 (from selfbuilded deb package) on the same machine and added this line at the top of users file: testuser Cleartext-Password := "testing" Then I installed libpam-radius-auth 1.3.17-0ubuntu1 from the ubuntu repositories. I added the radius entry in /etc/pam.d/sshd: [...] auth required pam_env.so envfile=/etc/default/locale auth sufficient pam_radius_auth.so debug # Standard Un*x authentication. @include common-auth [...] and this on pam_radius_auth.conf: # server[:port] shared_secret timeout (s) 127.0.0.1 testing123 1 When I try to authenticate with ssh into the machine I noticed that freeradius receive this password "\010\n\r\177INCORRECT", that it's not the one I typed. This is the output of auth.log: Mar 18 18:05:59 test sshd[2533]: pam_radius_auth: Got user name testuser Mar 18 18:05:59 test sshd[2533]: pam_radius_auth: Sending RADIUS request code 1 Mar 18 18:05:59 test sshd[2533]: pam_radius_auth: DEBUG: getservbyname(radius, udp) returned -1211761632. Mar 18 18:06:00 test sshd[2533]: pam_radius_auth: RADIUS server 127.0.0.1 failed to respond Mar 18 18:06:00 test sshd[2533]: pam_radius_auth: All RADIUS servers failed to respond. Mar 18 18:06:00 test sshd[2533]: pam_radius_auth: authentication failed Mar 18 18:06:00 test sshd[2533]: pam_unix(sshd:auth): check pass; user unknown Mar 18 18:06:00 test sshd[2533]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=fabio-mac.local Mar 18 18:06:02 test sshd[2533]: Failed password for invalid user testuser from 10.33.4.8 port 57680 ssh2 This is the output of freeradius -X rad_recv: Access-Request packet from host 127.0.0.1 port 3558, id=65, length=93 User-Name = "testuser" User-Password = "\010\n\r\177INCORRECT" NAS-IP-Address = 127.0.1.1 NAS-Identifier = "sshd" NAS-Port = 2533 NAS-Port-Type = Virtual Service-Type = Authenticate-Only Calling-Station-Id = "fabio-mac.local" +- entering group authorize ++[preprocess] returns ok ++[chap] returns noop ++[mschap] returns noop rlm_realm: No '@' in User-Name = "testuser", looking up realm NULL rlm_realm: No such realm "NULL" ++[suffix] returns noop rlm_eap: No EAP-Message, not doing EAP ++[eap] returns noop ++[unix] returns notfound users: Matched entry testuser at line 50 ++[files] returns ok ++[expiration] returns noop ++[logintime] returns noop ++[pap] returns updated rad_check_password: Found Auth-Type auth: type "PAP" +- entering group PAP rlm_pap: login attempt with password "? INCORRECT" rlm_pap: Using clear text password "testing" rlm_pap: Passwords don't match ++[pap] returns reject auth: Failed to validate the user. Login incorrect (rlm_pap: CLEAR TEXT password check failed): [testuser/\010\n\r\177INCORRECT] (from client localhost port 2533 cli fabio-mac.local) WARNING: Unprintable characters in the password. Double-check the shared secret on the server and the NAS! Found Post-Auth-Type Reject +- entering group REJECT expand: %{User-Name} -> testuser attr_filter: Matched entry DEFAULT at line 11 ++[attr_filter.access_reject] returns updated Delaying reject of request 2 for 1 seconds Going to the next request Waking up in 0.9 seconds. Sending delayed reject for request 2 Sending Access-Reject of id 65 to 127.0.0.1 port 3558 Waking up in 4.9 seconds. Cleaning up request 2 ID 65 with timestamp +135 Ready to process requests. Testig with radtest works fine. I noticed a similar problem some time ago, that seemed to be related to 64 bit machines: http://lists.cistron.nl/pipermail/freeradius-users/2006-August/055877.html However I am using a 32 bit machine on an updated system. Where could be the problem? Thanks, Fabio