cengiz coþkun wrote:
Hi, I have configured freeradius 2.0.0 EAP-ttls and configured a mysql db to store the users. It was working fine until i recently decided to convert the database-stored passwords to md5 encryption.
Store the passwords as "MD5-Password". See "man rlm_pap". You do NOT need to edit anything in the default configuration.
Auth-Type md5 { pap
This is not necessary. Delete it.
pap { encryption_scheme = md5 authtype = md5 auto_header = yes
Did you even read the comments in radiusd.conf for the "pap" module? The "encryption_scheme" should *not* be used in 2.0, and it is *not* documented as a working configuration. -+----------------------+----------------+----+----------------------------------+----------------------+
| 90 | t1 | Crypt-Password | := | 83f1535f99ab0bf4e9d02dfd85d3e3f7 | cengiz
Read "man rlm_pap". Really, it explains almost everything...
and the following in radgroupcheck table. +----+-----------+--------------+----+-------------+ | id | groupname | attribute | op | value | +----+-----------+--------------+----+-------------+ | 1 | dynamic | Auth-Type | := | MD5 |
Delete that entry. It's wrong. Alan DeKok.