default configuration no auth-type
Having just completely purged and reinstalled freeradius, I cannot get the default configuration to work. Here is the output from a request in debug mode: rad_recv: Access-Request packet from host 127.0.0.1 port 59114, id=221, length=59 User-Name = "testing" User-Password = "password" NAS-IP-Address = 127.0.1.1 NAS-Port = 0 # Executing section authorize from file /etc/freeradius/sites-enabled/default +- entering group authorize {...} ++[preprocess] returns ok ++[chap] returns noop ++[mschap] returns noop ++[digest] returns noop [suffix] No '@' in User-Name = "testing", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] returns noop [eap] No EAP-Message, not doing EAP ++[eap] returns noop ++[files] returns noop ++[expiration] returns noop ++[logintime] returns noop [pap] WARNING! No "known good" password found for the user. Authentication may fail because of this. ++[pap] returns noop ERROR: No authenticate method (Auth-Type) found for the request: Rejecting the user Failed to authenticate the user. Using Post-Auth-Type Reject # Executing group from file /etc/freeradius/sites-enabled/default +- entering group REJECT {...} [attr_filter.access_reject] expand: %{User-Name} -> testing attr_filter: Matched entry DEFAULT at line 11 ++[attr_filter.access_reject] returns updated Delaying reject of request 0 for 1 seconds Going to the next request Waking up in 0.9 seconds. Sending delayed reject for request 0 Sending Access-Reject of id 221 to 127.0.0.1 port 59114 The user and testing were performed following the guide found on the freeradius wiki here: http://wiki.freeradius.org/guide/Basic-configuration-HOWTO any help is greatly appreciated! -- the-maldridge aldridge.mac@gmail.com
On 01/03/2014 01:52 PM, Michael Aldridge wrote:
Having just completely purged and reinstalled freeradius, I cannot get the default configuration to work. Here is the output from a request in debug mode:
rad_recv: Access-Request packet from host 127.0.0.1 port 59114, id=221, length=59 User-Name = "testing" User-Password = "password" NAS-IP-Address = 127.0.1.1 NAS-Port = 0 # Executing section authorize from file /etc/freeradius/sites-enabled/default +- entering group authorize {...} ++[preprocess] returns ok ++[chap] returns noop ++[mschap] returns noop ++[digest] returns noop [suffix] No '@' in User-Name = "testing", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] returns noop [eap] No EAP-Message, not doing EAP ++[eap] returns noop ++[files] returns noop ++[expiration] returns noop ++[logintime] returns noop [pap] WARNING! No "known good" password found for the user. Authentication may fail because of this. ++[pap] returns noop ERROR: No authenticate method (Auth-Type) found for the request: Rejecting the user Failed to authenticate the user. Using Post-Auth-Type Reject # Executing group from file /etc/freeradius/sites-enabled/default +- entering group REJECT {...} [attr_filter.access_reject] expand: %{User-Name} -> testing attr_filter: Matched entry DEFAULT at line 11 ++[attr_filter.access_reject] returns updated Delaying reject of request 0 for 1 seconds Going to the next request Waking up in 0.9 seconds. Sending delayed reject for request 0 Sending Access-Reject of id 221 to 127.0.0.1 port 59114
The user and testing were performed following the guide found on the freeradius wiki here: http://wiki.freeradius.org/guide/Basic-configuration-HOWTO
any help is greatly appreciated!
Try reading what you posted, the answer is there. See the line that says: ERROR: No authenticate method (Auth-Type) found for the request Hmm ... let's see, why wouldn't there be a password for the user "testing"? Maybe because you wiped out the user's file where you put that information? -- John
yes, purging the package did wipe that folder and users file, but as per the guide that I linked to at the bottom of my initial post, I rebuilt the users file. On Fri, Jan 3, 2014 at 1:29 PM, John Dennis <jdennis@redhat.com> wrote:
On 01/03/2014 01:52 PM, Michael Aldridge wrote:
Having just completely purged and reinstalled freeradius, I cannot get the default configuration to work. Here is the output from a request in debug mode:
rad_recv: Access-Request packet from host 127.0.0.1 port 59114, id=221, length=59 User-Name = "testing" User-Password = "password" NAS-IP-Address = 127.0.1.1 NAS-Port = 0 # Executing section authorize from file /etc/freeradius/sites-enabled/default +- entering group authorize {...} ++[preprocess] returns ok ++[chap] returns noop ++[mschap] returns noop ++[digest] returns noop [suffix] No '@' in User-Name = "testing", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] returns noop [eap] No EAP-Message, not doing EAP ++[eap] returns noop ++[files] returns noop ++[expiration] returns noop ++[logintime] returns noop [pap] WARNING! No "known good" password found for the user. Authentication may fail because of this. ++[pap] returns noop ERROR: No authenticate method (Auth-Type) found for the request: Rejecting the user Failed to authenticate the user. Using Post-Auth-Type Reject # Executing group from file /etc/freeradius/sites-enabled/default +- entering group REJECT {...} [attr_filter.access_reject] expand: %{User-Name} -> testing attr_filter: Matched entry DEFAULT at line 11 ++[attr_filter.access_reject] returns updated Delaying reject of request 0 for 1 seconds Going to the next request Waking up in 0.9 seconds. Sending delayed reject for request 0 Sending Access-Reject of id 221 to 127.0.0.1 port 59114
The user and testing were performed following the guide found on the freeradius wiki here: http://wiki.freeradius.org/guide/Basic-configuration-HOWTO
any help is greatly appreciated!
Try reading what you posted, the answer is there.
See the line that says:
ERROR: No authenticate method (Auth-Type) found for the request
Hmm ... let's see, why wouldn't there be a password for the user "testing"?
Maybe because you wiped out the user's file where you put that information?
-- John
-- the-maldridge aldridge.mac@gmail.com
Michael Aldridge wrote:
yes, purging the package did wipe that folder and users file, but as per the guide that I linked to at the bottom of my initial post, I rebuilt the users file.
No, you didn't.
> ++[files] returns noop
See? The "testing" user isn't in the "users" file. Read the debug output. Really. In DETAIL. It HELPS. Alan DeKok.
Are you editing the correct users file? Have you added the test user to the top of the file? alan -- Sent from my Android device with K-9 Mail. Please excuse my brevity.
I think I am editing the correct file (/etc/raddb/users). Here are the contents of the users file: testing Cleartext-Password := "password" Does the users file have to be owned by a specific user? I had to manually create the raddb folder, if that signifies anything. On Fri, Jan 3, 2014 at 4:31 PM, Alan Buxey <A.L.M.Buxey@lboro.ac.uk> wrote:
Are you editing the correct users file? Have you added the test user to the top of the file?
alan -- Sent from my Android device with K-9 Mail. Please excuse my brevity.
-- the-maldridge aldridge.mac@gmail.com
Michael Aldridge wrote:
I think I am editing the correct file (/etc/raddb/users).
Maybe. The debug output shows if it's reading that file. Reading it helps.
Here are the contents of the users file:
testing Cleartext-Password := "password"
Whatever the contents are, the server isn't reading that file.
Does the users file have to be owned by a specific user? I had to manually create the raddb folder, if that signifies anything.
Uh, yes. It means that the server isn't using that directory. It's using another one. Read the debug output to see which directory it's using. Honestly, all of this is in the debug output. Just read it. Alan DeKok.
hmm, works now. both files are mentioned in the startup of the system, but only the one at /etc/freeradius/users is being used. well, at least all is good now. On Fri, Jan 3, 2014 at 8:13 PM, Alan DeKok <aland@deployingradius.com>wrote:
Michael Aldridge wrote:
I think I am editing the correct file (/etc/raddb/users).
Maybe. The debug output shows if it's reading that file. Reading it helps.
Here are the contents of the users file:
testing Cleartext-Password := "password"
Whatever the contents are, the server isn't reading that file.
Does the users file have to be owned by a specific user? I had to manually create the raddb folder, if that signifies anything.
Uh, yes. It means that the server isn't using that directory. It's using another one.
Read the debug output to see which directory it's using.
Honestly, all of this is in the debug output. Just read it.
Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-- the-maldridge aldridge.mac@gmail.com
participants (4)
-
Alan Buxey -
Alan DeKok -
John Dennis -
Michael Aldridge