users are sending CHAP passwords
Sorry for the double post before. I'm still stuck with that problem: How to tel the user not to send CHAP-Password ? As to the server version i will update to 1.1.6 later on today. Thx a lot. ----- Original Message ---- From: Peter Nixon <listuser@peternixon.net> To: FreeRadius users mailing list <freeradius-users@lists.freeradius.org> Sent: Thursday, May 17, 2007 10:28:34 AM Subject: Re: freeradius + pap + md5 (or encrypt) problem On Thu 17 May 2007, vik wrote:
Hello,
I have 1.1.3 server version.
Please update to 1.1.6
I would like to be able to store encrypted passwords on my computer, but i can't. I've read about everything dealing with this problem, but still i cannot manage to succeed.
In my users file i have
DEFAULT Auth-Type := PAP Fall-Through = Yes
This bit is not necessary..
gogo User-Password := "my_encrypted_password_using_md5" ....
Here i've tried also with Crypt-Password, but it doesn't work either.
You do need to use Crypt-Password...
Still i have in the debugs: Auth: rlm_pap: Attribute "Password" is required for authentication. Cannot use "CHAP-Password".
Why is rlm_pap receiving an CHAP-Password argument, i don't understand, i have disabled all chap options in the radiusd.conf.
Because your users are sending you CHAP passwords. If you don't support them, tell your users to send use PAP instead.. -- Peter Nixon http://www.peternixon.net/ PGP Key: http://www.peternixon.net/public.asc - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html ____________________________________________________________________________________ Get your own web address. Have a HUGE year through Yahoo! Small Business. http://smallbusiness.yahoo.com/domains/?p=BESTDEAL
Option 1 - you have control over NAS: Configure NAS to accept only PAP authentification. Clents will have to enable PAP if it is disabled (see option 2) Option 2 - clent side approach Configure clients to use only pap. For XP: Go to Network Connections and open Properties for this connection Click on Security tab Click on Advanced radio button and Settings button Leave only PAP ticked OK, OK to exit Ivan KAlik KAlik Informatika ISP Dana 17/5/2007, "vik" <vik_viktor@yahoo.com> piše:
Sorry for the double post before.
I'm still stuck with that problem:
How to tel the user not to send CHAP-Password ?
As to the server version i will update to 1.1.6 later on today.
Thx a lot.
----- Original Message ---- From: Peter Nixon <listuser@peternixon.net> To: FreeRadius users mailing list <freeradius-users@lists.freeradius.org> Sent: Thursday, May 17, 2007 10:28:34 AM Subject: Re: freeradius + pap + md5 (or encrypt) problem
On Thu 17 May 2007, vik wrote:
Hello,
I have 1.1.3 server version.
Please update to 1.1.6
I would like to be able to store encrypted passwords on my computer, but i can't. I've read about everything dealing with this problem, but still i cannot manage to succeed.
In my users file i have
DEFAULT Auth-Type := PAP Fall-Through = Yes
This bit is not necessary..
gogo User-Password := "my_encrypted_password_using_md5" ....
Here i've tried also with Crypt-Password, but it doesn't work either.
You do need to use Crypt-Password...
Still i have in the debugs: Auth: rlm_pap: Attribute "Password" is required for authentication. Cannot use "CHAP-Password".
Why is rlm_pap receiving an CHAP-Password argument, i don't understand, i have disabled all chap options in the radiusd.conf.
Because your users are sending you CHAP passwords. If you don't support them, tell your users to send use PAP instead..
--
Peter Nixon http://www.peternixon.net/ PGP Key: http://www.peternixon.net/public.asc - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
____________________________________________________________________________________ Get your own web address. Have a HUGE year through Yahoo! Small Business. http://smallbusiness.yahoo.com/domains/?p=BESTDEAL - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
participants (2)
-
tnt@kalik.co.yu -
vik