Save Passwords Encrypted in DB
Nasser Heidari
nasser at rasana.net
Mon Sep 6 21:53:01 CEST 2010
I've found the problem, it was a mistake in my users file. I just changes Auth-Type to PAP :
root at tradius <mailto:root at tradius> :~# cat /etc/raddb/users
DEFAULT Auth-Type := PAP, Simultaneous-Use := 1
Fall-Through = Yes
Thanks
________________________________
From: freeradius-users-bounces+nasser=rasana.net at lists.freeradius.org on behalf of Nasser Heidari
Sent: Mon 9/6/2010 10:51 PM
To: FreeRadius users mailing list
Subject: RE: Save Passwords Encrypted in DB
root at tradius:~# cat /etc/raddb/users
DEFAULT Auth-Type := Local, Simultaneous-Use := 1
Fall-Through = Yes
------------------------------------------
root at tradius:~# radtest nasser plainpass 127.0.0.1:1812 1700 adminsecret
Sending Access-Request of id 155 to 127.0.0.1 port 1812
User-Name = "nasser"
User-Password = "plainpass"
NAS-IP-Address = 192.168.7.254
NAS-Port = 1700
rad_recv: Access-Reject packet from host 127.0.0.1 port 1812, id=155, length=20
------------------------------------------
rad_recv: Access-Request packet from host 127.0.0.1 port 49986, id=155, length=65
User-Name = "nasser"
User-Password = "plainpass"
NAS-IP-Address = 192.168.7.254
NAS-Port = 1700
Tue Sep 7 10:39:22 2010 : Info: +- entering group authorize {...}
Tue Sep 7 10:39:22 2010 : Info: ++[preprocess] returns ok
Tue Sep 7 10:39:22 2010 : Info: [files] users: Matched entry DEFAULT at line 1
Tue Sep 7 10:39:22 2010 : Info: ++[files] returns ok
Tue Sep 7 10:39:22 2010 : Info: [suffix] No '@' in User-Name = "nasser", looking up realm NULL
Tue Sep 7 10:39:22 2010 : Info: [suffix] No such realm "NULL"
Tue Sep 7 10:39:22 2010 : Info: ++[suffix] returns noop
Tue Sep 7 10:39:22 2010 : Info: [sql] expand: %{User-Name} -> nasser
Tue Sep 7 10:39:22 2010 : Info: [sql] sql_set_user escaped user --> 'nasser'
Tue Sep 7 10:39:22 2010 : Debug: rlm_sql (sql): Reserving sql socket id: 19
Tue Sep 7 10:39:22 2010 : Info: [sql] expand: call usercheck('%{SQL-User-Name}') -> call usercheck('nasser')
Tue Sep 7 10:39:22 2010 : Debug: rlm_sql_mysql: query: call usercheck('nasser')
Tue Sep 7 10:39:22 2010 : Info: [sql] User found in radcheck table
Tue Sep 7 10:39:22 2010 : Info: [sql] expand: call userreply('%{SQL-User-Name}') -> call userreply('nasser')
Tue Sep 7 10:39:22 2010 : Debug: rlm_sql_mysql: query: call userreply('nasser')
Tue Sep 7 10:39:22 2010 : Debug: rlm_sql (sql): Released sql socket id: 19
Tue Sep 7 10:39:22 2010 : Info: ++[sql] returns ok
GOT CLONE -1219773760 0x86eea50
Tue Sep 7 10:39:22 2010 : Info: ++[logintime] returns noop
Tue Sep 7 10:39:22 2010 : Info: [reply_log] expand: /var/log/radius/radacct/%{Client-IP-Address}/reply-detail-%Y%m%d -> /var/log/radius/radacct/127.0.0.1/reply-detail-20100907
Tue Sep 7 10:39:22 2010 : Info: [reply_log] /var/log/radius/radacct/%{Client-IP-Address}/reply-detail-%Y%m%d expands to /var/log/radius/radacct/127.0.0.1/reply-detail-20100907
Tue Sep 7 10:39:22 2010 : Info: [reply_log] expand: %t -> Tue Sep 7 10:39:22 2010
Tue Sep 7 10:39:22 2010 : Info: ++[reply_log] returns ok
Tue Sep 7 10:39:22 2010 : Info: Found Auth-Type = Local
Tue Sep 7 10:39:22 2010 : Info: WARNING: Please update your configuration, and remove 'Auth-Type = Local'
Tue Sep 7 10:39:22 2010 : Info: WARNING: Use the PAP or CHAP modules instead.
Tue Sep 7 10:39:22 2010 : Info: User-Password in the request does NOT match "known good" password.
Tue Sep 7 10:39:22 2010 : Info: Failed to authenticate the user.
Tue Sep 7 10:39:22 2010 : Auth: Login incorrect: [nasser/plainpass] (from client admincheck port 1700)
Tue Sep 7 10:39:22 2010 : Info: Using Post-Auth-Type Reject
Tue Sep 7 10:39:22 2010 : Info: +- entering group REJECT {...}
Tue Sep 7 10:39:22 2010 : Info: ++[sql] returns ok
Tue Sep 7 10:39:22 2010 : Info: [reply_log] expand: /var/log/radius/radacct/%{Client-IP-Address}/reply-detail-%Y%m%d -> /var/log/radius/radacct/127.0.0.1/reply-detail-20100907
Tue Sep 7 10:39:22 2010 : Info: [reply_log] /var/log/radius/radacct/%{Client-IP-Address}/reply-detail-%Y%m%d expands to /var/log/radius/radacct/127.0.0.1/reply-detail-20100907
Tue Sep 7 10:39:22 2010 : Info: [reply_log] expand: %t -> Tue Sep 7 10:39:22 2010
Tue Sep 7 10:39:22 2010 : Info: ++[reply_log] returns ok
Tue Sep 7 10:39:22 2010 : Info: Delaying reject of request 0 for 3 seconds
Tue Sep 7 10:39:22 2010 : Debug: Going to the next request
Tue Sep 7 10:39:22 2010 : Debug: Waking up in 0.9 seconds.
Tue Sep 7 10:39:23 2010 : Debug: Waking up in 1.9 seconds.
Tue Sep 7 10:39:25 2010 : Info: Sending delayed reject for request 0
Sending Access-Reject of id 155 to 127.0.0.1 port 49986
Tue Sep 7 10:39:25 2010 : Debug: Waking up in 9.9 seconds.
Tue Sep 7 10:39:35 2010 : Info: Cleaning up request 0 ID 155 with timestamp +17
Tue Sep 7 10:39:35 2010 : Info: Ready to process requests.
^C
root at tradius:~#
________________________________
From: freeradius-users-bounces+nasser=rasana.net at lists.freeradius.org on behalf of Alan DeKok
Sent: Mon 9/6/2010 7:49 PM
To: FreeRadius users mailing list
Subject: Re: Save Passwords Encrypted in DB
Nasser Heidari wrote:
> But no success, also I add Password-With-Header := "{crypt}" to my
> sql.conf but no success !
> Do I missing something ?
See the FAQ for "it doesn't work"
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: winmail.dat
Type: application/ms-tnef
Size: 8211 bytes
Desc: not available
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20100907/b33015cc/attachment.bin>
More information about the Freeradius-Users
mailing list