Unable to Authenticate with SHA Password

Rajkumar balaji rajkumar.balaji.s at gmail.com
Mon Sep 12 16:44:25 CEST 2011


Hi All,

I am unable to authenticate the When I send SHA password to the FreeRADIUS.

I have configured SHA-Password := "admin123" in the users file.
My Password is admin123 and after SHA messagedigest its
-50-2710713-59-76-1105593-48-89-126-957495-4-108-29-81-48

RADIUS is getting the request but its rejecting it.

Please find the following radius logs,

rad_recv: Access-Request packet from host 172.17.148.152 port 50459, id=0,
length=111
        User-Name = "emsadmin"
        User-Password =
"-50-2710713-59-76-1105593-48-89-126-957495-4-108-29-81-48"
        NAS-Identifier = "sunems8-zone2"
# Executing section authorize from file
/usr/local/etc/raddb/sites-enabled/default
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
++[digest] returns noop
[suffix] No '@' in User-Name = "emsadmin", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] No EAP-Message, not doing EAP
++[eap] returns noop
[files] users: Matched entry emsadmin at line 204
++[files] returns ok
++[expiration] returns noop
++[logintime] returns noop
++[pap] returns updated
Found Auth-Type = PAP
# Executing group from file /usr/local/etc/raddb/sites-enabled/default
+- entering group PAP {...}
[pap] login attempt with password
"-50-2710713-59-76-1105593-48-89-126-957495-4-108-29-81-48"
[pap] Using SHA1 encryption.
[pap] Configured SHA1 password has incorrect length
[pap] Passwords don't match
++[pap] returns reject
Failed to authenticate the user.
Using Post-Auth-Type Reject
# Executing group from file /usr/local/etc/raddb/sites-enabled/default
+- entering group REJECT {...}
[attr_filter.access_reject]     expand: %{User-Name} -> emsadmin
 attr_filter: Matched entry DEFAULT at line 11
++[attr_filter.access_reject] returns updated
Delaying reject of request 1 for 1 seconds
Going to the next request
Waking up in 0.9 seconds.
Sending delayed reject for request 1
Sending Access-Reject of id 0 to 172.17.148.152 port 50459
Waking up in 4.9 seconds.
Cleaning up request 1 ID 0 with timestamp +6002
Ready to process requests.




--
View this message in context: http://freeradius.1045715.n5.nabble.com/Unable-to-Authenticate-with-SHA-Password-tp4794449p4794449.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.



More information about the Freeradius-Users mailing list