How to check ?orrectness of the secret key?

Alan DeKok aland at deployingradius.com
Mon Sep 24 15:04:14 CEST 2012


Phil Mayers wrote:
> He then says:
> 
> """
> I've tried to send auth request from localhost againg, but with wrong
> key. As a result -- no log-info in radius.log
> """

  Right.  Which is why everything says run the server in debugging mode.

  It does NOT log bad shared secrets to radius.log.  Doing so would open
it up to a denial of service attack.

> It's not clear to me that he's consistently testing with "radiusd -X",
> or if he's looking at the "log { }" stanza output, which is not the
> right thing to do.

  Inconsistency is a hallmark of people who don't solve problems.
Attempting random things without a clear method is always a bad idea.

  Alan DeKok.


More information about the Freeradius-Devel mailing list