mschap No Cleartext-Password configured

alois blasbichler alois.blasbichler at sb-brixen.it
Wed Oct 8 09:49:40 CEST 2008


>> ablasbichler Cleartext-Password == "ablasbichler"
>> With no success
>
> Should be := not ==.

Hello

Thank you for the the answers. I changed how you suggested but without  
success.

Another thing : we use md5 encrypted passwords in our Ldap-DB for  
userpasswords -  is it right that the line above in users overwrite  
this  ?

Here my log (tested with user test password alois)
Why pap use CRYPT encryption not it should be cleartext ?

by
luis


--------------------------------------------
server inner-tunnel {
+- entering group authorize {...}
++[chap] returns noop
++[mschap] returns noop
request done: ld 0x81a0ba8 msgid 7
++[unix] returns updated
[suffix] No '@' in User-Name = "test", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
++[control] returns noop
[eap] No EAP-Message, not doing EAP
++[eap] returns noop
[files] users: Matched entry test at line 3
++[files] returns ok
++[expiration] returns noop
++[logintime] returns noop
++[pap] returns updated
Found Auth-Type = PAP
+- entering group PAP {...}
[pap] login attempt with password "alois"
[pap] Using CRYPT encryption.
[pap] Passwords don't match
++[pap] returns reject
Failed to authenticate the user.
Login incorrect (rlm_pap: CRYPT password check failed): [test] (from  
client ciscosw port 0 via TLS tunnel)
} # server inner-tunnel
[ttls] Got tunneled reply code 3
[ttls] Got tunneled Access-Reject
[eap] Handler failed in EAP/ttls
[eap] Failed in EAP select
++[eap] returns invalid
Failed to authenticate the user.
Login incorrect: [test] (from client ciscosw port 29 cli 00-40-96-B4-5B-0F)
Using Post-Auth-Type Reject
+- entering group REJECT {...}
         expand: %{User-Name} -> test
  attr_filter: Matched entry DEFAULT at line 11
++[attr_filter.access_reject] returns updated
Delaying reject of request 13 for 1 seconds
Going to the next request
Waking up in 0.9 seconds.
Sending delayed reject for request 13
Sending Access-Reject of id 6 to 10.53.240.10 port 32769
         EAP-Message = 0x04100004
         Message-Authenticator = 0x00000000000000000000000000000000
Waking up in 3.4 seconds.




More information about the Freeradius-Users mailing list