Digest test

Iandc Davies Iandc.Davies at Marconi.com
Wed Aug 31 10:34:55 CEST 2005


I am using freeradiusd 1.0.4 on RedHat Linux 9 and have just run the digest
test suggested in the doc area through radclient.
As it stands, I receive a code 3 reply (Access-Reject).

The instruction for the test tells me to do the following:
1. In the /etc/raddb/users file insert entry as below :-
      test  Auth-Type := Digest, User-Password = "test"
            Reply-Message = "Hello, test with Digest"

2. Initiate radclient with a file called digest (i.e. radclient -f digest
localhost auth testing123)
      User-Name = "test",
      Digest-Response = "631d6d73147add2f9e437f59bbc3aeb7",
      Digest-Realm = "testrealm",
      Digest-Nonce = "1234abcd",
      Digest-Method = "INVITE",
      Digest-URI = "sip:5555551212 at example.com",
      Digest-Algorithm = "MD5",
      Digest-User-Name = "test"

The command line holds the shared secret as defined in clients.conf file.
However for this test to work, I had to insert a User-Password = "xxxx"
(where xxxx is the actual password), into the digest file.
After this I get a code 2 reply (Access-Accept).

A radiusd -X dump shows freerad trying to do a unix authentication via the
rlm_unix module.
I've tried to comment out any instances of unix authentication from the
radiusd.conf file but with the same results.

Is there a way to tell freerad not to check user-password ?

Ian Davies {02476 564662}
          Internal   (x740 4662)
Software Development Engineer

More information about the Freeradius-Users mailing list