Password oddity

Alan DeKok aland at
Thu Dec 16 09:24:52 CET 2010

discgolfer72 wrote:
> Set up FreeRadius on SLES 10. Using the NTRadPing utility we can authenticate
> to our back end LDAP server (eDirectory) w/o problem. However, when we
> enabled Radius authentication on two separate Wireless access points
> (Linksys WRT54 and DLink WBR 1310), they both fail authentication because
> the password they pass (or how FreeRadius interprets the password) changes
> one letter of the password.

  As *always*, run the server in debugging mode to see what's going on.
 You should see what the server receives.

> For example, we set up a radtest user with a password of radtest. FreeRadius
> server in debug shows the request come in but passes a password value of
> aadtest. So, as a test we changed the password to aadtest for the radtest
> user. The password then came across as badtest. So, we thought we'd change
> the password to cadtest to see what would happen. Now the password was
> sent/received as aadtest again.

  There is nothing in the default configuration which does this kind of

> Running FreeRadius 1.1.0 as this is the version that Novell "supports." 
> Please don't yell at me on this.  Their documentation is based on this
> version and not the latest version.......

  Then ask Novell for support.

  It's really not that hard. If you have a supported version, as the
people who support it for help.  If you want our advice, use the version
*we* support.

> Has anyone seen this behavior before and if so, know how to fix it?

  Upgrade to 2.1.10.

  Alan DeKok.

More information about the Freeradius-Users mailing list