Re: ssh cleartext-password "? INCORRECT" (tnt@kalik.net)
And the matching shared secret for the server and pam_radius_auth.conf
..
Using 'ssh steve@localhost' password: testing
rad_recv: Access-Request packet from host 127.0.0.1 port 26561, id=106, length=83 User-Name = "steve" User-Password = "\010\n\r\177INCORRECT" ****
..
WARNING: Unprintable characters in the password. Double-check the shared secret on the server and the NAS!
Obviously, shared secrets don't match.
Ivan Kalik Kalik Informatika ISP
I don't that this the case, heres why, radiusd -X produces .. home_server localhost { ipaddr=127.0.0.1 port = 1812 type = "auth" * *secret = "testing123" response_window = 20 max_outstanding = 65536 zombie_period = 40 status_check = "status-server" ping_interval = 30 check_interval = 30 num_answers_to_alive = 3 num_pings_to_alive = 3 revive_interval = 120 status_check_timeout = 4 } .. and here is my /etc/pam_radius_auth.conf (i've tried space / tab delimited ) # server[:port] shared_secret timeout (s) 127.0.0.1 testing123 2 localhost testing123 1 So they are identical from what i can see. Also keep in mind that radtest works using the secret; "testing123". Sorry if I'm missing the point. Thanks for your help so far. David Ly -Soma Networks
and here is my /etc/pam_radius_auth.conf (i've tried space / tab delimited ) # server[:port] shared_secret timeout (s) 127.0.0.1 testing123 2 localhost testing123 1
So they are identical from what i can see. Also keep in mind that radtest works using the secret; "testing123". Sorry if I'm missing the point. Thanks for your help so far.
Default localhost secret is testing123. And radtest confirms that. Something is wrong with the pam shared secret. Are you modifying the correct .conf file (should be in /etc/raddb/server)? Default password in pam_radius_auth.conf for localhost is "secret". Ivan Kalik Kalik Informatika ISP
participants (2)
-
David Ly -
tnt@kalik.net