PAM authentication not working

Jaap Winius jwinius at
Sat Feb 9 00:42:54 CET 2013

Quoting Alan DeKok <aland at>:

> No.  You can't turn off EAP.  The client is sending EAP to the server.
> You need to change the client.  And likely you can't, because it
> *needs* to do EAP.

Indeed, the key_mgmt attribute in my wpa_supplicant.conf is set to  
WPA-EAP and it looks like that's my only option. But, if you're  
correct, then how is this supposed to work? You make it sound like a  

>> ... freeradius' debug output has changed significantly:
> Read it. If the messages aren't clear, I really don't know what to do.

AFAICT, the most pertinent message is:

   [pap] WARNING! No "known good" password found for the user.
        Authentication may fail because of this.

However, it seems freeradius is not actually using the PAM modules,  
because nothing is showing up in /var/log/auth.log (I have yet to see  
it do that). Otherwise, I've checked that the Unix password for my  
account on the freeradius host is correct.



More information about the Freeradius-Users mailing list