unix module authentication doesn't work.....
wtautz
wtautz at cs.uwaterloo.ca
Wed Aug 23 14:22:23 CEST 2006
Alan DeKok wrote:
> Walter Tautz <wtautz at cs.uwaterloo.ca> wrote:
>
>> What I am trying to do:
>> ======================
>>
>> Use the /etc/shadow,/etc/passwd file
>> on the server for user authenticatication.
>>
>> I have configure (on the client)
>> /etc/pam.d/common-auth with contents:
>>
>
> The main problem with PAM RADIUS authentication is that you can't
> currently get UID, GID, shell, etc. through the PAM RADIUS module.
>
>
In short it only used /etc/shadow to verify passwd and
you still need a local /etc/passwd file and /etc/shadow but
one could set the passwd there to be disabled?
>> rad_recv: Access-Request packet from host 129.97.152.227:2770, id=124, length=102
>> User-Name = "test-walter"
>> User-Password = "\010\n\rINCORRECT"
>>
>
> That looks wrong. Is that actually what you typed?
>
>
Definitely not. Does it have something to do with encrypted passwd
format, i.e.
crypt, md5 or something??
>> rlm_unix: [test-walter]: invalid password
>>
>
> Which would seem to make sense.
>
>
>> WARNING: Unprintable characters in the password. ? Double-check the shared secret on the server and the NAS!
>>
>
> It might be a 64-bit issue with the PAM RADIUS module. See it's
> source for details... I haven't really looked at it for a few years
> now.
>
Where can I find the official source?
-Walter
More information about the Freeradius-Users
mailing list