Password conflict between Radius Server and Machine account

kpani dhandu_k at
Tue Jun 16 16:50:17 CEST 2009


When I was trying to authenticate ssh login through radius server, I noticed
an conflict issue with password.

I have a linux machine-1 in which radius server is installed. I have
configured an user with name/password as root/public in
/usr/local/etc/raddb/users. But the linux machine already have a 'root' user
account with password 'public123'.

Now I tried to ssh machine-2 with username 'root' and password 'public'. SSH
of this machine-2 is configured with above radius server for authentication.
But the radius server rejects the access-request and log as below.
++[unix] returns updated
[files] users: Matched entry root at line 107
++[files] returns ok
++[expiration] returns noop
++[logintime] returns noop
++[pap] returns updated
Found Auth-Type = PAP
+- entering group PAP {...}
[pap] login attempt with password "public"
[pap] Using CRYPT encryption.
[pap] Passwords don't match
++[pap] returns reject
Note the highlighted lines. First line says '[unix] returns updated. Later
says 'password doesn't match'.

But if I try with Machine-1 password 'public123', it accepts the request.

So looks like that the radius server authenticates with machine password &
not using the configured one.

Please clarify me if you have faced this issue.

View this message in context:
Sent from the FreeRadius - User mailing list archive at

More information about the Freeradius-Users mailing list