Frank Winkler wrote:
On the old server, the users were authenticated by regular /etc/passwd means. I got this working on the new server. As there are some new features in the later versions, I'd prefer to move the RADIUS users to a separate smbpasswd-like file but I can't get the authentication to work.
<sigh> See the FAQ about "it doesn't work".
Some questions:
The old server querying itself for a /etc/passwd user: root@old # ./radtest frank XXX localhost 10 test123 Sending Access-Request of id 161 to 127.0.0.1:1812 User-Name = "frank" User-Password = "D[\326<\255h\016A\275\357"%\367\027_y" NAS-IP-Address = XXX NAS-Port-Id = "10" rad_recv: Access-Accept packet from host 127.0.0.1:1812, id=161, length=20 root@old #
Why are you looking at the client side? The README, INSTALL, FAQ, and daily messages on this list say that you should run in debug mode. What do we have to add to the documentation to convince you that this is a good idea?
Why is the password displayed in plain text instead of hashed as on the old server?
Because it helps with debugging.
I'm pretty unsure about the "authtype".
Don't set it. I can post debug outout of radiusd
but it looks like it finds the user in the file but cannot authenticate the password.
So... the passwords don't match? If you're unsure as to how the server works, it would be reasonable to assume that you don't know enough to correctly interpret the debug output. Post it here. Alan DeKok.