Digest Authentication with a Cisco device
Alan DeKok
aland at deployingradius.com
Wed Oct 2 22:18:47 CEST 2013
Philip Walenta wrote:
> I'm trying to do what might be an odd configuration.
>
> I'm attempting to digest auth users without caring about their
> "User-name" attribute.
That should work.
> So in other words I want to auth on the "Digest-User-Name = "testuser""
> that comes in as part of the Digest-Attributes and a password.
You should be able to do that.
> So in the users file I have "DEFAULT Cleartext-password :=
> "password""
That will allow ANY user to authenticate using ANY authentication
method, and with that password.
> I created a partial digest file but it appears to be ignored on every test:
> Digest-User-Name = "testuser"
> Digest-Algorithm = "MD5"
> Digest-QOP = "auth"
I don't know what that means. What file is this? Why did you create
it? What's reading it?
> In the debug I see:
> [digest] A1 = testuser:sp.eng:passwod
>
> I can change to username to anything I want and as long as the password
> is correct the user will auth.
That seems to be doing what you want.
> Am I attempting something impossible or doing it incorrectly?
I'm not entirely sure what you're doing, so I can't really answer that.
Alan DeKok.
More information about the Freeradius-Users
mailing list