RE: Still having issue with radtest
I apologize for not using proper terms since this is new to me, I tend to associate to something I do know. 1.) Since I attempting to use the sql database for authentication purpose, would it be best if I made sure that radius@localhost (my username I chose) be in the users file and also be granted privileges on the sql database (I chose to call it radius as well) 2.) When doing the radtest, would the proper syntax be radtest radius radiustest localhost 1645 baseball (with baseball being the shared secret also entered into the clients.conf file) or should there be quotes around the shared secret. My apologies for calling it a preshare key. This is an IPSec term that I have used for a few years. 3.) I have read documentation. I have bought the O'Reilly Book and read it. I have reinstalled my server and all to no avail. I appreciate the help you all give, but I am stuck. I am sure I overlooked the issue, but at this point, I cannot see it. Thanks again. Dwane ________________________________ From: Atkins, Dwane P Sent: Sat 3/25/2006 11:34 AM To: freeradius-users@lists.freeradius.org Subject: Still having issue with radtest A couple questions I have not asked about this issue? Do both the user@localhost and localhost need access to the Sql database. I am at a loss as to why everytime I run this process, it tells me that I have an invalid preshare key. Do they preshare keys need to be in quotes. If I have a user called radius with a password of radiustest and my localhost preshare is BASEBALL, then would my syntax be, radtest radius radiustest localhost 1645 BASEBALL ? Or woudl I need to put quotes around the alpha characters. I cannot move on until I get this resolved obviously and I am not sure where to try. I can get issues resolved with the SQL portion, but to get it to see the local host, I am at a loss. If anyone can think of anything else I can possibly try, please let me know. If not, I appreciate all your efforts. Dwane
"Atkins, Dwane P" <ATKINSD@uthscsa.edu> wrote:
I apologize for not using proper terms since this is new to me, I tend to associate to something I do know.
Which can help sometimes. Not always.
1.) Since I attempting to use the sql database for authentication purpose, would it be best if I made sure that radius@localhost (my username I chose) be in the users file and also be granted privileges on the sql database (I chose to call it radius as well)
I'm not sure what that means. You're not being very specific about what's what.
2.) When doing the radtest, would the proper syntax be radtest radius radiustest localhost 1645 baseball (with baseball being the shared secret also entered into the clients.conf file) or should there be quotes around the shared secret.
It's just another comman-line option. It doesn't need quotes. This is Unix 101.
3.) I have read documentation. I have bought the O'Reilly Book and read it. I have reinstalled my server and all to no avail. I appreciate the help you all give, but I am stuck. I am sure I overlooked the issue, but at this point, I cannot see it.
I think you're trying to start by making complex configurations, without really understanding what the terminology is, what it means, or how the server works. Start off with the simplest configuration and test it. Then, work towards a more complex configuration. Alan DeKok.
Atkins, Dwane P wrote:
1.) Since I attempting to use the sql database for authentication purpose,
No you are not. You are trying to use sql for AUTHORIZATION. FreeRADIUS will do the AUTHENTICATION based on what it finds in the database during the AUTHORIZATION phase. Understand that and it will get you much further along.
would it be best if I made sure that radius@localhost <mailto:radius@localhost> (my username I chose) be in the users file and also be granted privileges on the sql database (I chose to call it radius as well)
GRANT SELECT ON radius.* TO radius@localhost IDENTIFIED BY 'somepassword' I think is what you want. You will probably also want to grant that user INSERT and UPDATE privs on the radacct table. "somepassword" is what you would use if you did this on the commandline: mysql -u radius -psomepassword radius It is *not* the password for the user trying to auth, nor the shared secret.
2.) When doing the radtest, would the proper syntax be radtest radius radiustest localhost 1645 baseball (with baseball being the shared secret also entered into the clients.conf file) or should there be quotes around the shared secret. My apologies for calling it a preshare key. This is an IPSec term that I have used for a few years.
No quotes.
3.) I have read documentation. I have bought the O'Reilly Book and read it. I have reinstalled my server and all to no avail. I appreciate the help you all give, but I am stuck. I am sure I overlooked the issue, but at this point, I cannot see it.
Read it again. Start working from the beginning, not the middle. Do a fresh install and DO NOT change the config files. Put a test user in the "users" file and make sure radtest works (no SQL until you make this work!). Then make 1 change at a time and work up to the config you want. -- Dennis Skinner Systems Administrator BlueFrog Internet http://www.bluefrog.com
participants (3)
-
Alan DeKok -
Atkins, Dwane P -
Dennis Skinner