Res: Res: Res: EAP-TTLS + Post-auth clear password

Erico Augusto ericosign at yahoo.com.br
Fri Mar 23 18:05:24 CET 2007


----- Mensagem original ----
De: Alan DeKok <aland at deployingradius.com>
Para: FreeRadius users mailing list <freeradius-users at lists.freeradius.org>
Enviadas: Sexta-feira, 23 de Março de 2007 3:54:41
Assunto: Re: Res: Res: EAP-TTLS + Post-auth clear password

Erico Augusto wrote:
>  All I can say is "huh"?  You want to use a custom app, and you
>solution is to write a shell script that does... nothing?
sure not!

>  Perhaps you could explain how the custom app *currently* interacts
> with FreeRADIUS.  From the examples you've posted, it doesn't.
it's called learning ...

> My suggestion was to write a program that would send the username &&
> password to the custom app.  See the documentation for how to see the
>username && password in a shell script run by rlm_exec.
that's what I'm looking for ... constructive suggestions ...

>  What makes you think that the shell script changes the password?
>Nothing in the documentation or examples would lead you to believe that
>simple echoing a number would have the magic side-effect of changing the
>password.
just learning how the tool works...

>  The configurations you've shown don't match the documentation.  i.e.
>You think they do one thing, but the documentation says they do
>something else.
The interaction with JRadius now works ... it wasn't an issue with freeradius ... JRadius API was outputing 
[Encrypted String] to the password ... in truth, it's just in ASCII ... a simple casting fix everything.

So, to get cleartext password with WinXP SecureW2(EAP-TTLS) Supplicant configured to  PAP at Authentication Tab, using JRadius API, just gather password bytes as following:
byte [] passByte = requestPacket.getAttributes().get(Attr_UserPassword.NAME). getValue().getBytes();
where  requestPacket is a RadiusPacket object.

Erico.

--
  http://deployingradius.com       - The web site of the book
  http://deployingradius.com/blog/ - The blog
- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html






__________________________________________________
Fale com seus amigos  de graça com o novo Yahoo! Messenger 
http://br.messenger.yahoo.com/ 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20070323/ca6fa0ee/attachment.html>


More information about the Freeradius-Users mailing list