Still having issue with radtest
Dennis Skinner
dskinner at bluefrog.com
Mon Mar 27 22:33:31 CEST 2006
Atkins, Dwane P wrote:
> 1.) Since I attempting to use the sql database for authentication
> purpose,
No you are not. You are trying to use sql for AUTHORIZATION.
FreeRADIUS will do the AUTHENTICATION based on what it finds in the
database during the AUTHORIZATION phase. Understand that and it will
get you much further along.
> would it be best if I made sure that radius at localhost
> <mailto:radius at localhost> (my username I chose) be in the users file and
> also be granted privileges on the sql database (I chose to call it
> radius as well)
GRANT SELECT ON radius.* TO radius at localhost IDENTIFIED BY 'somepassword'
I think is what you want. You will probably also want to grant that
user INSERT and UPDATE privs on the radacct table.
"somepassword" is what you would use if you did this on the commandline:
mysql -u radius -psomepassword radius
It is *not* the password for the user trying to auth, nor the shared secret.
> 2.) When doing the radtest, would the proper syntax be radtest radius
> radiustest localhost 1645 baseball (with baseball being the shared
> secret also entered into the clients.conf file) or should there be
> quotes around the shared secret. My apologies for calling it a preshare
> key. This is an IPSec term that I have used for a few years.
No quotes.
> 3.) I have read documentation. I have bought the O'Reilly Book and
> read it. I have reinstalled my server and all to no avail. I
> appreciate the help you all give, but I am stuck. I am sure I
> overlooked the issue, but at this point, I cannot see it.
Read it again. Start working from the beginning, not the middle. Do a
fresh install and DO NOT change the config files. Put a test user in
the "users" file and make sure radtest works (no SQL until you make this
work!). Then make 1 change at a time and work up to the config you want.
--
Dennis Skinner
Systems Administrator
BlueFrog Internet
http://www.bluefrog.com
More information about the Freeradius-Users
mailing list