Beginner question to "known good password"

Alan DeKok aland at
Fri Nov 25 14:04:49 CET 2016

On Nov 25, 2016, at 7:58 AM, Julian Scharrenbach <j.scharrenbach at> wrote:
> The concept for "known good password" is something that really gives me
> a hard time to understand.

  That is the *good* password, or the *correct* password, as known to the server.

  The User-Password contains whatever string the user entered.  Which may or may not be the same text as the good password.

  The server compares the User-Password to the "known good" password.  If they're the same (or compatible, as with SMD5-Password), the user has entered the correct password, and the user is authenticated.  If they're different, the user has entered the wrong password.

> Can anyone tell me what I have to change to
> make this setup working?

  Read the debug output.

> I get the following debug-output:
> (0) pap: WARNING: No "known good" password found for the user.  Not
> setting Auth-Type
> The user in the User file is defined like this:
> testuser SMD5-Password := "6i2WbPPxOt2zLBrM/KzNEnRlc3Q=" ,
> NAS-IP-Address == '', Auth-Type := Accept

  And you're testing with...

(0) Received Access-Request Id 134 from to length 76
(0)   User-Name = "ndavis"


  The User-Name doesn't match the entry in the "users" file.  That's why it doesn't match.  It's not the same.

  Alan DeKok.

More information about the Freeradius-Users mailing list