rlm_eap_md5: Cleartext-Password is required for EAP-MD5authentication

youler yonglech at gmail.com
Wed Jul 15 09:40:17 CEST 2009


My running environment is freeraius-2.1.3,The authentication type is EAP/MD5.
It's running not well with individual 'user' file.I can't find the problem.
My mainly configuration file as follow:
IN sites-enabled/default
----------------------
authorize {
eap {
                ok = return
    }
files
#sql
expiration
logintime
} 
authenticate {
eap
} 
IN eap.conf
----------------------
eap {
default_eap_type = md5
timer_expire     = 60
ignore_unknown_eap_types = no
 max_sessions = 2048
md5 {
}
}
IN users
------------------------
chenyongle      Cleartext-Password := "123456"
------------------------------------------
debug information as following:
rad_recv: Access-Request packet from host 127.0.0.1 port 43289, id=134,
length=260
        EAP-Message =
0x0285002004108010475cd7f849537fae81777bc3287f6368656e796f6e676c65
        User-Name = "chenyongle at localhost"
        Prompt = 0x313233343536
        Service-Type = Framed-User
        Framed-MTU = 1400
        State = 0xa554770ea5d17374eb266130b8a3c5d8
        Message-Authenticator = 0xd3f3ddc1a6813a6862213b0e5bc2fc02
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] Looking up realm "localhost" for User-Name = "chenyongle at localhost"
[suffix] No such realm "localhost"
++[suffix] returns noop
++[files] returns noop
[eap] EAP packet type response id 133 length 32
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
++[unix] returns notfound
++[expiration] returns noop
++[logintime] returns noop
[pap] WARNING! No "known good" password found for the user.  Authentication
may fail because of this.
++[pap] returns noop
Found Auth-Type = EAP
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/md5
[eap] processing type md5
rlm_eap_md5: Cleartext-Password is required for EAP-MD5 authentication
[eap] Handler failed in EAP/md5
[eap] Failed in EAP select
++[eap] returns invalid
Failed to authenticate the user.
Using Post-Auth-Type Reject
+- entering group REJECT {...}
[attr_filter.access_reject]     expand: %{User-Name} -> chenyongle at localhost
 attr_filter: Matched entry DEFAULT at line 11
++[attr_filter.access_reject] returns updated
Delaying reject of request 1 for 1 seconds
Going to the next request
Waking up in 0.9 seconds.
rad_recv: Access-Request packet from host 127.0.0.1 port 43289, id=134,
length=260
Waiting to send Access-Reject to client localhost port 43289 - ID: 134
Sending delayed reject for request 1
Sending Access-Reject of id 134 to 127.0.0.1 port 43289
        EAP-Message = 0x04850004
        Message-Authenticator = 0x00000000000000000000000000000000
-- 
View this message in context: http://www.nabble.com/rlm_eap_md5%3A-Cleartext-Password-is-required-for-EAP-MD5authentication-tp24492879p24492879.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.





More information about the Freeradius-Users mailing list