MSChap via ntlm_auth problem

Anton Brinyov anton.brinyov at gmail.com
Sat Aug 22 22:14:29 CEST 2009


Hmmm...

Problem was solved by recompiling kernel and freeradius.

Thanks,
Anton.


2009/8/22 Anton Brinyov <anton.brinyov at gmail.com>:
> Oh!
>
> I notice in /var/log/messages follow line after each auth attempt:
>
> Aug 22 18:28:33 gate1 kernel: pid 78473 (radiusd), uid 133: exited on signal 12
>
>
> Thanks,
> Anton
>
>
> 2009/8/22 Anton Brinyov <anton.brinyov at gmail.com>:
>> Hi,
>>
>> I try to move samba's ntlm_auth program and replace it by simple shell script:
>>
>> #!/bin/sh
>> echo "Test!"
>>
>> But NOTHING CHANGED!
>>
>> I think, radius don't call ntlm_auth program, but I don't know why.
>>
>> Thanks,
>> Anton
>>
>>
>> 2009/8/20 Anton Brinyov <anton.brinyov at gmail.com>:
>>> Here are my sites-enabled/default and sites-enabled/inner-tunnel files.
>>>
>>> Thanks,
>>> Anton
>>>
>>>
>>> 2009/8/19 Alan Buxey <A.L.M.Buxey at lboro.ac.uk>:
>>>> Hi,
>>>>
>>>>> I have another freeradius host (freeradius 2.1.3) with the same
>>>>> authentication scheme.
>>>>> I look at debug output on it:
>>>>>
>>>>> Found Auth-Type = MSCHAP
>>>>> +- entering group MS-CHAP {...}
>>>>> [mschap] No Cleartext-Password configured.  Cannot create LM-Password.
>>>>> [mschap] No Cleartext-Password configured.  Cannot create NT-Password.
>>>>> [mschap] Told to do MS-CHAPv2 for BAS with NT-Password
>>>>> [mschap] WARNING: Deprecated conditional expansion ":-".  See "man
>>>>> unlang" for details
>>>>> [mschap] WARNING: Deprecated conditional expansion ":-".  See "man
>>>>> unlang" for details
>>>>> [mschap]        expand:
>>>>> --username=%{Stripped-User-Name:-%{User-Name:-None}} -> --username=BAS
>>>>> [mschap]  mschap2: bb
>>>>> [mschap]        expand: --challenge=%{mschap:Challenge:-00} ->
>>>>> --challenge=205180e1818e1214
>>>>> [mschap]        expand: --nt-response=%{mschap:NT-Response:-00} ->
>>>>> --nt-response=0a9b4e0053367b750904915b08aa65b792be3274e312aa78
>>>>> Exec-Program output: NT_KEY: A9B342EC3E218E54A330556C468415CD
>>>>> Exec-Program-Wait: plaintext: NT_KEY: A9B342EC3E218E54A330556C468415CD
>>>>> Exec-Program: returned: 0
>>>>> [mschap] adding MS-CHAPv2 MPPE keys
>>>>> ++[mschap] returns ok
>>>>>
>>>>> ntlm_auth comands is the same on both hosts.
>>>>>
>>>>> The difference is "Exec-Program output:"
>>>>>
>>>>> Why?
>>>>
>>>> your previous emails only listed the mschap module and radiusd.conf - but
>>>> not the sites-enabled/default or sites-enabled/inner-tunnel  files.....
>>>>
>>>> alan
>>>> -
>>>
>>
>




More information about the Freeradius-Users mailing list