hi, i have problems using chap with my radius server(FreeRADIUS Version 1.0.4). please help me out.. my users file on radius server: simha Auth-Type := CHAP , CHAP-Password == "hello" on the packet from radclient: User-Name = "simha" , CHAP-Password = "40c567281480e959747ddd9ea7589015" , CHAP-Challenge = "challenge" i use a request-id of 200 to generate the chap password as: 200hellochallenge when i run md5sum on this ..i get: 40c567281480e959747ddd9ea7589015 which i use as CHAP-Password attribute in radclient. in radiusd.conf: chap { authtype = CHAP } this is what i have. now when i use radclient as : radclient -f packet_chap 10.91.0.167 auth testing123 -i 200 where packet_chap(a file) has the contents: User-Name = "simha" , CHAP-Password = "40c567281480e959747ddd9ea7589015" , CHAP-Challenge = "challenge" 200 is the request id 10.91.0.167 is the radius server. on the radius server ..i get : rad_check_password: Found Auth-Type CHAP auth: type "CHAP" Processing the authenticate section of radiusd.conf modcall: entering group Auth-Type for request 0 rlm_chap: login attempt by "simha" with CHAP password rlm_chap: Using clear text password for user simha authentication. rlm_chap: Pasword check failed modcall[authenticate]: module "chap" returns reject for request 0 modcall: group Auth-Type returns reject for request 0 auth: Failed to validate the user. so what is wrong with the process i have followed? bye simha
dilip simha <nmdsimha@gmail.com> wrote:
i have problems using chap with my radius server(FreeRADIUS Version 1.0.4). please help me out..
my users file on radius server:
simha Auth-Type := CHAP , CHAP-Password == "hello"
This is wrong. Use "User-Password := ...", not "CHAP-Password == ..." Alan DeKok.
Alan DeKok wrote:
dilip simha <nmdsimha@gmail.com> wrote:
i have problems using chap with my radius server(FreeRADIUS Version 1.0.4). please help me out..
my users file on radius server:
simha Auth-Type := CHAP , CHAP-Password == "hello"
This is wrong. Use "User-Password := ...", not "CHAP-Password == ..."
Alan DeKok.
hi alan, i used User-Password := ..... itself..... still i get this error. rad_check_password: Found Auth-Type CHAP auth: type "CHAP" Processing the authenticate section of radiusd.conf modcall: entering group Auth-Type for request 0 rlm_chap: login attempt by "simha" with CHAP password rlm_chap: Using clear text password for user simha authentication. rlm_chap: Pasword check failed modcall[authenticate]: module "chap" returns reject for request 0 modcall: group Auth-Type returns reject for request 0 auth: Failed to validate the user. .......i wonder..why chap is using clear text password instead of md5. ----i went through the source code and there in srs/modules/rlm_chap/rlm_chap.c i can see that md5 encryption is going on...but display message says that it uses clear text password!!! is this of any concern here? Dilip Simha
participants (2)
-
Alan DeKok -
dilip simha