Plain text password file
Phil Mayers
p.mayers at imperial.ac.uk
Tue Dec 20 01:35:22 CET 2005
Alexander Lund wrote:
> No, the file I supply could have spaces if you needed it to solve my
> problem.
Ok that's fine then
>
> This is just the thing I need:
> username:plaintextPassword:ASingleGroup
>
> Its perfect, but I´d like to know exactly what Im doing so heres another
> question,
> The passwordfile. If Im not thinking completly wrong it shouldn´t have
> any headers or a fileextension
It definitely shouldn't have any headers. The actual name of the file is
irrelevant, including extension - FreeRadius doesn't care.
>
> And do I have to use Chap? or can I use PAP with plain text passwords.
No, PAP is easy to do - the first example can be trivially modified to:
modules {
passwd user_pass_group {
filename = /path/to/file
format = "*User-Name:~User-Password:~Group"
}
pap {
encryption_scheme = clear
}
}
authorize {
preprocess
user_pass_group
}
authenticate {
Auth-Type PAP {
pap
}
}
...the only different is you put "User-Password" in the file format,
telling it the cleartext password is there, and tell PAP not to bother
recrypting (encryption_scheme = clear)
One final thing to note - FreeRadius does NOT see changes to the file
after it has started up. You will need to HUP the server for the file to
be reloaded into memory.
Hope that helps.
More information about the Freeradius-Users
mailing list