Freeradius as a proxy to Windows IAS - reserved
clive gould
cliveg at gmail.com
Wed Aug 1 13:01:28 CEST 2007
Brilliant Thanks Claudia :-)))
Putting the shared secret in single quotes
'se\cret'
in radclient and in double quotes with the backslash escaped in
clients.conf and proxy.conf
"se\\cret"
worked fine with the radtest and what's more this now works too:
Linux VLE <----------->FreeRadius<------------>Microsoft IAS
Thank-you !!!
Clive
Message: 5
Date: Wed, 1 Aug 2007 13:26:35 +0300
From: Claudiu Filip <claudiu at globtel.ro>
Subject: Re[2]: Freeradius as a proxy to Windows IAS - reserved
characters in shared secret?
To: FreeRadius users mailing list
<freeradius-users at lists.freeradius.org>
Message-ID: <10210589886.20070801132635 at globtel.ro>
Content-Type: text/plain; charset=us-ascii
Hi clive,
Wednesday, August 1, 2007, 11:10:41 AM, you wrote:
> 2) If I use a secret key (similar to the one set on the IAS server)
> containing characters such as $\[ then the key is rejected and
Character "Escape from Alcatraz", a classic movie with Clint Eastwood..
Be careful with character escaping and bash cli (always use single
quotes to pass to radtest what you want).
Also avoid ${foo} as a secret
client 127.0.0.1 { secret = "\044{prefix}" }
radtest gigi kent 127.0.0.1 1 '/radiusd' => OK!! ($prefix = /radiusd)
client 127.0.0.1 { secret = "\\testing123" }
radtest gigi kent 127.0.0.1 1 '\testing123' => OK
radtest gigi kent 127.0.0.1 1 "\testing123" => OK (because bash does
not expand \t)
radtest gigi kent 127.0.0.1 1 "\\testing123" => OK (because bash
expands \\t to \t)
radtest gigi kent 127.0.0.1 1 '\\testing123' => NOT ok
client 127.0.0.1 { secret = "$\[" }
radtest gigi kent 127.0.0.1 1 '$[' => OK
client 127.0.0.1 { secret = "$\\[" }
radtest gigi kent 127.0.0.1 1 '$\[' => OK
Have fun!
More information about the Freeradius-Users
mailing list