Problem using hased passwords
Michael Schwartzkopff
ms at sys4.de
Fri Jun 30 10:46:36 UTC 2023
Hi,
I am trying to use a hased password, but I get the error:
pap: ERROR: SHA1 digest does not match "known good" digest
from the eap_gtc module.
According to the compatibility matrix this should work.
My setup:
users file:
user SHA-Password := "<SHA sum of the password, not salted>"
Log:
(31) files: users: Matched entry misch3 at line 101
(31) [files] = ok
(...)
(31) pap: Normalizing SHA-Password from hex encoding, 40 bytes -> 20 bytes
(31) pap: WARNING: Auth-Type already set. Not setting to PAP
(31) [pap] = noop
(31) } # authorize = updated
(31) eap_gtc: # Executing group from file
/etc/freeradius/3.0/sites-enabled/inner-tunnel
(31) eap_gtc: Auth-Type PAP {
(31) pap: Login attempt with password
(31) pap: Comparing with "known-good" SHA-Password
(31) pap: ERROR: SHA1 digest does not match "known good" digest
(31) pap: Passwords don't match
(31) eap_gtc: [pap] = reject
(31) eap_gtc: } # Auth-Type PAP = reject
Any ideas?
I double checked the passwords and the SHA sum on both ends.
Michael.
More information about the Freeradius-Users
mailing list