I'm stuck; FreeRadius and Heimdal Kerberos

Ronni Feldt rofe at one.com
Thu Oct 16 10:45:48 CEST 2008


Hi,

I am trying to get FreeRadius to work with Heimdal Kerberos.

What I use:
Ubuntu 8.04
FreeRadius 1.1.7-1build4
Heimdal-kdc 1.0.1-5ubuntu4

I have installed Heimdal Kerberos and get tickets. My next step is to
get FreeRadius to work with Heimdal and then log in to my HP-Switch
using FreeRadius.

I have done the following:

# Heimdal Kerberos information
REALM = ONE.COM
HOST = rofe

# In Heimdal Kerberos
kadmin -l
kadmin> add radius
kadmin> ext_keytab --keytab=/etc/krb5.keytab radius
kadmin> add rofe

# Installing FreeRadius
apt-get install freeradius freeradius-krb5

# Added the following in /etc/freeradius/radiusd.conf
#  In the authenticate section

Auth-Type Kerberos {
    krb5
}

#  In the modules section
krb5 {
    # keytab containing the key used by rlm_krb5
    keytab = /etc/krb5.keytab
   
    # principal that is used by rlm_krb5
    service_principal = radius/rofe.one.com
}

I have followed what documentation I could find:
http://wiki.freeradius.org/Rlm_krb5

# Then I configured my HP-Switch:
radius-server host 192.168.212.93
radius-server key <key>    # As key I used the principal radius password - correct?

aaa authentication ssh login radius local
aaa authentication ssh enable radius local
aaa authentication telnet login radius local
aaa authentication telnet enable radius local
aaa authentication login privilege-mode

# Then I tried to login using telnet
telnet 192.168.212.4

# I get prompted for username and password and use principal rofe and my password, but get this error:
Can't reach RADIUS server 192.168.212.93


I can ping 192.168.212.4 from the HP-Switch.
I don't know what to do or where to look - I'm stuck!


- Ronni
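
The value given to `radius-server key` is the RADIUS shared secret between the switch and the server; it is independent of any Kerberos principal's password, and both ends must hold the same value. The following added example (not part of the original post, with constructed secrets and passwords) implements the User-Password hiding from RFC 2865 section 5.2 to show that the server only recovers the cleartext password, which a Kerberos check needs, when its secret matches the switch's key.

```python
import hashlib

BLOCK = 16  # MD5 digest size; User-Password is handled in 16-octet blocks


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def hide_password(password: bytes, secret: bytes, authenticator: bytes) -> bytes:
    """NAS (switch) side: build the User-Password value per RFC 2865, 5.2."""
    if not 1 <= len(password) <= 128 or len(authenticator) != BLOCK:
        raise ValueError("need a 1..128 octet password and a 16 octet authenticator")
    padded = password + b"\x00" * (-len(password) % BLOCK)
    out, prev = b"", authenticator
    for i in range(0, len(padded), BLOCK):
        # Each block is XORed with MD5(secret + previous ciphertext block).
        prev = _xor(padded[i:i + BLOCK], hashlib.md5(secret + prev).digest())
        out += prev
    return out


def recover_password(hidden: bytes, secret: bytes, authenticator: bytes) -> bytes:
    """Server side: undo the hiding with the server's own copy of the secret."""
    if not hidden or len(hidden) % BLOCK or len(authenticator) != BLOCK:
        raise ValueError("malformed User-Password or authenticator")
    out, prev = b"", authenticator
    for i in range(0, len(hidden), BLOCK):
        block = hidden[i:i + BLOCK]
        out += _xor(block, hashlib.md5(secret + prev).digest())
        prev = block
    return out.rstrip(b"\x00")  # strip the null padding added by the NAS


# Constructed sample values, not taken from the post.
AUTHENTICATOR = bytes(range(16))          # normally 16 random octets per request
SWITCH_KEY = b"example-shared-secret"     # what `radius-server key` would hold
USER_PASSWORD = b"example-kerberos-pw"    # what the user types at the prompt


def server_sees(server_secret: bytes) -> bytes:
    """Password the server recovers when it holds `server_secret`."""
    hidden = hide_password(USER_PASSWORD, SWITCH_KEY, AUTHENTICATOR)
    return recover_password(hidden, server_secret, AUTHENTICATOR)


if __name__ == "__main__":
    print("matching secret  :", server_sees(SWITCH_KEY))
    print("mismatched secret:", server_sees(b"some-other-secret"))
```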