EAP-PEAP MSCHAPv2 with Python Module
Alan DeKok
aland at deployingradius.com
Thu Nov 9 22:16:15 CET 2017
On Nov 9, 2017, at 3:45 PM, Gary Gwin <garygwin at gmail.com> wrote:
>
>> Perhaps you could explain why you think you need to see the NT hash.
>
> I'm enlightened and don't think I need it anymore ;-)
Good.
> Here's pseudocode for my Python authorize method for the inner-tunnel:
>
> def authorize(RAD_REQUEST):
> nt_hash = get_user_nt_hash(user_name)
> config = ( ('NT-Password', nt_hash), ('Auth-Type', ':=', 'MS-CHAP'), )
Don't do that. Set the NT password. Don't set Auth-Type. The server can figure it out.
> Which is working, the user authenticates, but I see this error:
>
> (8) Found Auth-Type = MS-CHAP
> (8) Found Auth-Type = eap
> (8) ERROR: Warning: Found 2 auth-types on request for user 'testing'
>
> That doesn't seem to cause a problem, but is there something that
> should be done to suppress the error?
Don't create the bad configuration which results in the error.
Alan DeKok.
More information about the Freeradius-Users
mailing list