authentication against script problem
Kenneth Penza
kennethpenza at yahoo.com
Mon Mar 19 09:30:05 CET 2007
People,
I am trying to get user authenticated against a
shell script. I have added the following configuration
to freeradius:
under the modules section i have added
exec myauth {
wait = yes
program =
"/etc/raddb/myscripts/auth.sh %{User-Name}"
input_pairs = request
output_pairs = reply
packet_type = Access-Request
}
and under the authorize section I have added
myauth
The contents of the script:
[root at fedora5 raddb]# cat /etc/raddb/myscripts/auth.sh
#!/bin/bash
echo $1 >> /tmp/myauth.out
exit 0
[root at fedora5 raddb]#
On restarting the server,and attempting to connect to
the radius server I get
[root at fedora5 ~]# echo
"User-Name=user1,User-Password=pass1" |radclient -x
localhost:1812 auth testing123
Sending Access-Request of id 244 to 127.0.0.1:1812
User-Name = "user1"
User-Password = "pass1"
rad_recv: Access-Reject packet from host
127.0.0.1:1812, id=244, length=20
[root at fedora5 ~]#
and in the session from I have started he radius
server using /usr/sbin/radiusd -X -A
I get:
Ready to process requests.
rad_recv: Access-Request packet from host
127.0.0.1:32772, id=244, length=45
User-Name = "user1"
User-Password = "pass1"
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 0
modcall[authorize]: module "preprocess" returns ok
for request 0
modcall[authorize]: module "chap" returns noop for
request 0
modcall[authorize]: module "mschap" returns noop for
request 0
rlm_realm: No '@' in User-Name = "user1", looking
up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for
request 0
rlm_eap: No EAP-Message, not doing EAP
modcall[authorize]: module "eap" returns noop for
request 0
radius_xlat: '/etc/raddb/myscripts/auth.sh user1'
Exec-Program: /etc/raddb/myscripts/auth.sh user1
Exec-Program output:
Exec-Program: returned: 0
modcall[authorize]: module "myauth" returns ok for
request 0
modcall: group authorize returns ok for request 0
auth: No authenticate method (Auth-Type) configuration
found for the request: Rejecting the user
auth: Failed to validate the user.
Login incorrect: [user1/pass1] (from client localhost
port 0)
Delaying request 0 for 1 seconds
Finished request 0
Going to the next request
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Sending Access-Reject of id 244 to 127.0.0.1:32772
Waking up in 4 seconds...
--- Walking the entire request list ---
Cleaning up request 0 ID 244 with timestamp 45fd3d21
Nothing to do. Sleeping until we see a request.
I am missing some configuration?
Thanks in advance for you help
Kenneth
____________________________________________________________________________________
Looking for earth-friendly autos?
Browse Top Cars by "Green Rating" at Yahoo! Autos' Green Center.
http://autos.yahoo.com/green_center/
More information about the Freeradius-Users
mailing list