'Attribute "User-Password" is required for authentication.' (EAP/TTLS/RADIUS/PAM)
nicolas.goutte at extragroup.de
Wed Jun 11 21:24:07 CEST 2008
As far as I understand your config files, you want to use MD5.
So the question are:
- is the client really sending MD5 hashes (or is it sending NT hashes
- can PAM handle it?
- has PAM access to the password in MD5 or in clear to be able to
check against it?
I hope that my hints could bring you forward.
Have a nice day!
PS.: personally what I find curious is that there is no "ttls" in the
log, except at initialization of radiusd.
Am 11.06.2008 um 20:47 schrieb sth:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> I did see mention of a similar symptom in my searches, and a few
> (including this one) suggested that a fix was forthcoming in 1.1.5.
> By way of attempting this, I tried rolling my own 2.0.5 instance of
> but it had the same problem.
> Alan's post here indicates, "It needs a password." What I'm not
> on is _what_ needs a password: is the client not sending it, or
> does the
> FR server not have access to the backend against which it should be
> verifying the password incoming from the client? If the client is not
> sending it, how might I go about ascertaining why?
> In any case, this seems to be one of the more common errors for people
> attempting 802.1x auth via RADIUS, and since there are so many
> scenarios cited by the posts I'm finding, I hoped that the
> ~ among you might analyze and comment on my configuration. I can
> further information and diagnostic output upon request.
> If at any point it's appropriate for someone to say, "You fool! You
> can't have WPA(2) Enterprise authentication for both Mac and Windows!"
> please, don't hesitate to do so. ;-)
extragroup GmbH - Karlsruhe
Geschäftsführer: Stephan Mönninghoff, Hans Martin Kern, Tilman Haerdle
Registergericht: Amtsgericht Münster / HRB: 5624
Steuer Nr.: 337/5903/0421 / UstID: DE 204607841
More information about the Freeradius-Users