Crypt passwords doesn't work
keb at pa.net
Wed Apr 18 23:56:43 CEST 2007
On Wednesday 18 April 2007 16:39:27 Sebastian Firpo wrote:
> Hi, I migrated a freeradius server from version 0.6 to 1.5. I'm using a
> users file for authorize.
Wow, that's quite a leap. I assume from 0.6 to 1.1.5?
> The server don't authorize and when a do a debug (radiusd -X) I saw the
> User-password in clear text. If I modify the User-password in the users
> file by the clear text one it works.
> Here are the debug and an entry of the users file:
> Listening on authentication *:1812
> Listening on accounting *:1813
> Ready to process requests.
> rad_recv: Access-Request packet from host 10.12.4.2:1645, id=91, length=75
> NAS-IP-Address = 10.12.4.2
> NAS-Port = 1
> NAS-Port-Type = Virtual
> User-Name = "sebas"
> Calling-Station-Id = "10.11.1.25"
> User-Password = "hello"
> Processing the authorize section of radiusd.conf
> modcall: entering group authorize for request 0
> modcall[authorize]: module "preprocess" returns ok for request 0
> users: Matched entry sebas at line 50
> modcall[authorize]: module "files" returns ok for request 0
> modcall: leaving group authorize (returns ok) for request 0
> rad_check_password: Found Auth-Type Local
> auth: type Local
> auth: user supplied User-Password does NOT match local User-Password
> auth: Failed to validate the user.
> Delaying request 0 for 1 seconds
> users file
> sebas Auth-Type := Local, Crypt-Password == "(!lGOOlHaBWoQ"
> Service-Type = Administrative-User,
> Cisco-AVPair = "shell:priv-lvl=15"
> Thanks very much!!
Don't set Auth-Type, the server will figure it out. The operator for
Crypt-Password should be changed to := as well.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: not available
More information about the Freeradius-Users