Freeradius with google authenticator gives error - No "known good" password found for the use

Alan DeKok aland at
Tue Mar 10 15:20:58 CET 2020

On Mar 9, 2020, at 5:40 PM, prasanna <prasanna.tuladhar at> wrote:
> I am new to freeradius and after going through docs and user faq I was not
> able to solve this issue after multiple checks in my config.
> freeradius version is 3.0.13
> I am using Linux ( from Amazon AWS HVM2 64 bit ) and using the EC2 box
> My VPC CIDR range (or client machines are ) :
> I used the scripts below to install

  That information isn't necessary.  We only need the debug output.  *All* of the documentation makes this clear.

> Enabled PAM in file/etc/sites-available/default by removing the '#' pam
> comment
> Enabled PAM as default authentication type in /etc/raddb/users by removing
> comment on DEFAULT Group and adding DEFAULT Auth-Type := PAM line
> DEFAULT Group == "disabled", Auth-Type := Reject
>                Reply-Message = "Your account has been disabled."
> DEFAULT Auth-Type := PAM

  Ok... *where* in the file was this added?

  And are you sure that the server is reading that file?  It's normally a symlink to mods-config/files/authorize.  Maybe you changed the "users" file to a normal file, in which case FreeRADIUS isn't reading it.

> ...
> (2)     [eap] = noop
> (2)     [files] = noop

  So nothing in the "users" file matched.

  Make sure that you're editing the right file, *and* that FreeRADIUS is reading it.

  Alan DeKok.

More information about the Freeradius-Users mailing list