freeRaidus-PAM:: user password issue - Urgent help required
Hi,I configured my FR server with PAM.When tried with radclient from localhost (where is FR is installed), user password is displaying in clear text; but when trying to authenticate the same user over network (using ntradping), user password is showing in "unprintable chars". Following are my configs:radiusd.conf:------------1) pam { # # The name to use for PAM authentication. # PAM looks in /etc/pam.d/${pam_auth_name} # for it's configuration. See 'redhat/radiusd-pam' # for a sample PAM configurat! ion file. # # Note that any Pam-Auth attribute set in the 'authorize' # section will over-ride this one. # pam_auth = radiusd }2) authenticate { ....... pam ...... }clients.conf file:---------------client 127.0.0.1 { secret = testing123 &n! bsp; shortname &n bsp; = localhost} client 192.168.100.192 { secret = testing123 shortname = private-network-2}users file:----------John90 Auth-Type = "Pam" Reply-Message = "Hello Welcome to Radius, %u"Following is the radius -X o/p:------------------------------rad_recv: Access-Request packet from host 192.168.200.196:4892, id=7, length=46 User-Name = "John90" User-Password = "i\335T\334\227z\037\345?!<\014\024\220!\205" Processing the authorize section of radiusd.confmod! call: entering group authorize for request 1 modcall[authorize]: module "preprocess" returns ok for request 1 modcall[authorize]: module "chap" returns noop for request 1 modcall[authorize]: module "mschap" returns noop for request 1 rlm_realm: No '@' in User-Name = "John90", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 1 rlm_eap: No EAP-Message, not doing EAP modcall[authorize]: module "eap" returns noop for request 1 modcall[authorize]: module "files" returns notfound for request 1rlm_pap: WARNING! No "known good" password found for the user. Authentication may fail because of this. modcall[authorize]: module "pap" returns noop for request 1modcall: leaving group authorize (returns ok) for request 1auth: No authenticate method (Auth-Type) configuration found for the request: Rejecting the userauth: Failed to valida! te the user. WARNING: Unprintable characters in the password. ?& nbsp; Double-check the shared secret on the server and the NAS!Delaying request 1 for 1 secondsFinished request 1Going to the next request.......Verified the shared secret and it is given correctly in the request.Is there any configuration need to be done?Appreciate your help.Thanks,Sri
Verified the shared secret and it is given correctly in the request.Is there any configuration need to be done?Appreciate your help.Thanks,Sri
Shared secret *is* wrong - probability 99.99% Crypto libraries are corrupted - probability 0.01% Retype the shared secret on the remote test client. Ivan Kalik Kalik Informatika ISP
participants (2)
-
krishna Mohan -
tnt@kalik.net