Hi all, I've been trying to encrypt the passwords in mySQL using SHA1 or MD5 without any luck for the last several days. First let me tell you a bit about our system: RedHat ES 4 freeradius-1.0.1-2.RHEL4 freeradius-mysql-1.0.1-2.RHEL4 mysql-server-4.1.7-4.RHEL4.1 mysql-4.1.7-4.RHEL4.1 Everything works fine with clear text passwords and if I use Unix Crypt. This is the config that works with Unix Crypt: radcheck +-----+------------+---------------+----+------------------------------- ---------------------------+ | id | UserName | Attribute | op | Value | +-----+------------+---------------+----+------------------------------- ---------------------------+ | 844 | bogdan | Crypt-Password | == | 55MCU5TXMoKsA | +-----+------------+---------------+----+------------------------------- ---------------------------+ usergroup +-----+------------+-------------+ | id | UserName | GroupName | +-----+------------+-------------+ | 844 | bogdan | adsl-static | +-----+------------+-------------+ radgroupcheck +----+-------------+-----------+----+-------+ | id | GroupName | Attribute | op | Value | +----+-------------+-----------+----+-------+ | 1 | adsl | Auth-Type | := | PAP | | 2 | adsl-static | Auth-Type | := | PAP | radius.conf ------------- ........................... modules { .................. pap { encryption_scheme = crypt } .................... } authenticate { .............. Auth-Type PAP { pap } ............... } This works perfect ! now I want to use MD5 or SHA1 so I change: pap { encryption_scheme = sha1 (or md5) } and this is what I get in /usr/sbin/radiusd -X modcall[authorize]: module "sql" returns ok for request 0 modcall: group authorize returns ok for request 0 rad_check_password: Found Auth-Type PAP auth: type "PAP" Processing the authenticate section of radiusd.conf modcall: entering group Auth-Type for request 0 rlm_pap: login attempt by "shipcoadsl" with password test rlm_pap: Crypt-Password attribute but encryption scheme is not set to CRYPT modcall[authenticate]: module "pap" returns fail for request 0 modcall: group Auth-Type returns fail for request 0 if I change: +-----+------------+---------------+----+------------------------------- ---------------------------+ | id | UserName | Attribute | op | Value | +-----+------------+---------------+----+------------------------------- ---------------------------+ | 844 | bogdan | Crypt-Password | == | {md5} password | +-----+------------+---------------+----+------------------------------- ---------------------------+ to: +-----+------------+---------------+----+------------------------------- ---------------------------+ | id | UserName | Attribute | op | Value | +-----+------------+---------------+----+------------------------------- ---------------------------+ | 844 | bogdan | User-Password | == | {md5} password | +-----+------------+---------------+----+------------------------------- ---------------------------+ and this is what I get: rlm_sql (sql): No matching entry in the database for request from user [shipcoadsl] rlm_sql (sql): Released sql socket id: 4 modcall[authorize]: module "sql" returns notfound for request 0 modcall: group authorize returns ok for request 0 auth: No authenticate method (Auth-Type) configuration found for the request: Rejecting the user auth: Failed to validate the user. Login incorrect: [shipcoadsl/test] (from client TestNAS2 port 0) I also tried changing: radgroupcheck +----+-------------+-----------+----+-------+ | id | GroupName | Attribute | op | Value | +----+-------------+-----------+----+-------+ | 1 | adsl | Auth-Type | := | PAP | to: radgroupcheck +----+-------------+-----------+----+-------+ | id | GroupName | Attribute | op | Value | +----+-------------+-----------+----+-------+ | 1 | adsl | Auth-Type | := | MD5 | then add: authenticate { .............. Auth-Type MD5 { pap } ............... } an I got exactly the same answer as before! Tried adding to the radgroupreply: | 26 | adsl-static | Auth-Type | := | PAP | 0 | but still no luck! Is this a bug? What am I missing? Your help will be greatly appreciated! Thanks, Bogdan.