about "freeradius accepts anybody"

Sergio sergioyebenes at alumnos.upm.es
Fri Jul 11 21:46:44 CEST 2008


Ivan Kalik escribió:
>> If I don't put Cleartext-Password := "" field (""!!!), the user always be rejected. Can anybody to explain this?            I haven't tried with some password, because results me ridiculous, I haven't configure any password for clients...
>>     
>
> Let's put that to the test. Put the username that you want to test on
> the very first line of users file. Just username, nothing else as check
> or reply and a blank row after. And post the debug of that user being
> rejected.
>
> You are saying that you have to have some kind of password or something
> else configured for the user. I'm telling you that you don't: just
> usernames separated by blank rows. Totally trivial entries that only
> prevent users file being read down to the Auth-Type Reject line.
>
> Ivan Kalik
> Kalik Informatika ISP
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
>
> __________ Información de NOD32, revisión 3257 (20080710) __________
>
> Este mensaje ha sido analizado con NOD32 antivirus system
> http://www.nod32.com
>
>
>
>   
The situation that you exposed logically works. But I can't authorize 
all users in spite of having a valid certificate, because the public 
PKI.....
Then, users file:
......
"user1"
........
"user2"
........
DEFAULT   Auth-Type := Reject
........

works, but if I put "userX" into another file and make an include, 
don't. In this situation, If I append an empty cleartext-password, 
works, with fall-through = no (I haven't tried with fall-through = yes 
because isn't logic)
On the other side, I put Fall-Through attribute to tell radius that 
should stop when a user matches users file, but looks isn't necessary. 
I'm confused....



More information about the Freeradius-Users mailing list