Problem changing secret in clients.conf

Sat Mar 27 19:35:41 CET 2010

Hello!
I'm totally new in Linux, as well as in freeradius...
I've installed version 2.1.8 in Linuxmint 7.
I think everything in installation went ok... I succeed doing:
$ radtest user password 127.0.0.1 10 testing123
with user/password the ones that I use to login in my computer. I get a
response Access-Accept
(I had some problems here because I wasn't able to get an accept using
localhost instead of 127.0.0.1 ...)

I'm now in the next step.
I want to change the secret in clients.conf, so I made the change:
#secret = testing123
secret = abracadabra

I stopped radiusd and started again.

$ radtest user password 127.0.0.1 10 abracadabra
doesn't work any more... and I don't understand why... because I'm using the
same word.

*rad_recv: Access-Reject packet from host 127.0.0.1 port 1812, id=146,
length=20
rad_verify: Received Access-Reject packet from client 127.0.0.1 port 1812
with invalid signature (err=2)! (Shared secret is incorrect.)*

I get this log:

rad_recv: Access-Request packet from host 127.0.0.1 port 34217, id=146,
length=60
User-Name = "mjimenez"
User-Password = "\353\036\355h\203l\217\362\252\003\203P\270\223\342\231"
NAS-IP-Address = 127.0.1.1
NAS-Port = 10
Sat Mar 27 18:59:31 2010 : Info: +- entering group authorize {...}
Sat Mar 27 18:59:31 2010 : Info: ++[preprocess] returns ok
Sat Mar 27 18:59:31 2010 : Info: ++[chap] returns noop
Sat Mar 27 18:59:31 2010 : Info: ++[mschap] returns noop
Sat Mar 27 18:59:31 2010 : Info: [suffix] No '@' in User-Name = "mjimenez",
looking up realm NULL
Sat Mar 27 18:59:31 2010 : Info: [suffix] No such realm "NULL"
Sat Mar 27 18:59:31 2010 : Info: ++[suffix] returns noop
Sat Mar 27 18:59:31 2010 : Info: [eap] No EAP-Message, not doing EAP
Sat Mar 27 18:59:31 2010 : Info: ++[eap] returns noop
Sat Mar 27 18:59:31 2010 : Info: ++[unix] returns updated
Sat Mar 27 18:59:31 2010 : Info: ++[files] returns noop
Sat Mar 27 18:59:31 2010 : Info: ++[expiration] returns noop
Sat Mar 27 18:59:31 2010 : Info: ++[logintime] returns noop
Sat Mar 27 18:59:31 2010 : Info: ++[pap] returns updated
Sat Mar 27 18:59:31 2010 : Info: Found Auth-Type = PAP
Sat Mar 27 18:59:31 2010 : Info: +- entering group PAP {...}
Sat Mar 27 18:59:31 2010 : Info: [pap] login attempt with password
"�?�h?l?��??P�?�?"
Sat Mar 27 18:59:31 2010 : Info: [pap] Using CRYPT encryption.
Sat Mar 27 18:59:31 2010 : Info: [pap] Passwords don't match
Sat Mar 27 18:59:31 2010 : Info: ++[pap] returns reject
Sat Mar 27 18:59:31 2010 : Info: Failed to authenticate the user.
Sat Mar 27 18:59:31 2010 : Debug: WARNING: Unprintable characters in the
password. Double-check the shared secret on the server and the NAS!
Sat Mar 27 18:59:31 2010 : Info: Using Post-Auth-Type Reject
Sat Mar 27 18:59:31 2010 : Info: +- entering group REJECT {...}
Sat Mar 27 18:59:31 2010 : Info: [attr_filter.access_reject] expand:
%{User-Name} -> mjimenez
Sat Mar 27 18:59:31 2010 : Debug: attr_filter: Matched entry DEFAULT at line
11
Sat Mar 27 18:59:31 2010 : Info: ++[attr_filter.access_reject] returns
updated
Sat Mar 27 18:59:31 2010 : Info: Delaying reject of request 0 for 1 seconds
Sat Mar 27 18:59:31 2010 : Debug: Going to the next request
Sat Mar 27 18:59:31 2010 : Debug: Waking up in 0.9 seconds.
Sat Mar 27 18:59:32 2010 : Info: Sending delayed reject for request 0
Sending Access-Reject of id 146 to 127.0.0.1 port 34217
Sat Mar 27 18:59:32 2010 : Debug: Waking up in 4.9 seconds.
Sat Mar 27 18:59:37 2010 : Info: Cleaning up request 0 ID 146 with timestamp
+9

When I had testing123 as secret, in User-Password I could see "my real
password" and not "\353\036\355h\203l\217\362\252\00..."*
*
I have checked I have this line in radiusd.conf :
$INCLUDE clients.conf
*
*
Maybe is a stupid question and I've to change something more in another conf
file. I've not started configuring my NAS yet... I was trying to configure
radius first and checking with radtest step by step.*
*

Thank you in advance for any help you can give me,
Marta
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20100327/4c242b71/attachment.html>