Cross platform secure login on wpa2

Brian Candler b.candler at
Mon Dec 19 17:39:39 CET 2016

On 19/12/2016 15:28, Henti Smith wrote:
> I've upgraded to V3.0.12 and made the config changes as suggested.
> Authentication is still not working, but at least I'm now getting krb auth
> attempts, which fails due to 'Attribute "User-Password" is required for
> authentication'
> Please fine log below

(7) mschap: Found MS-CHAP attributes.  Setting 'Auth-Type  = mschap'
(7)       [mschap] = ok
(7) krb5: ERROR: Attribute "User-Password" is required for authentication

The client has negotiated MSCHAP authentication. You cannot do MSCHAP 
authentication with Kerberos as a password oracle, because MSCHAP 
doesn't send the cleartext password.

You need to restrict the authentication to PAP or GTC.



More information about the Freeradius-Users mailing list