Re: Trying to set no authentication for users

Thu, 08 Jan 2004 10:57:21 -0800 

On Thu, 2004-01-08 at 17:08, Alan DeKok wrote:
> John Horne <[EMAIL PROTECTED]> wrote:
> > >   Will allow the user through, without password checking.
> > >
> > No it doesn't - I tried that after reading the FAQ. If I use just:
> > 
> >     jhornex    Auth-Type := Accept
> > 
> > then radiusd complains that no MSCHAP password has been supplied:
> 
>   Which is why I suggested the patch to the MSCHAP module.
> 
>   Also, list "mschap" in the "authorize" section BEFORE the "files"
> module.  That should make it work.
>
Yes, that list bit makes it work a bit better :-) However, the
connection still gets dropped - it authenticates then disconnects.
radiusd shows:

  rad_recv: Access-Request packet from host 127.0.0.1:40590, id=207,
    length=135
          Service-Type = Framed-User
          Framed-Protocol = PPP
          User-Name = "jhornex"
          MS-CHAP-Challenge = 0x9ba0cfb38117c686059c6fcfc1c766c6
          MS-CHAP2-Response =
0x0100e121e9d1b2342bc6ce77b610beac0b4900000000000000003f2b0f1fc8eb1dfc3c8d6548139a79efe61ebda57f88185c
          NAS-IP-Address = 141.163.163.250
          NAS-Port = 0
  modcall: entering group authorize for request 0
    modcall[authorize]: module "preprocess" returns ok for request 0
    rlm_mschap: Found MS-CHAP attributes.  Setting 'Auth-Type :=
MS-CHAP'
    modcall[authorize]: module "mschap" returns ok for request 0
      users: Matched jhornex at 221
    modcall[authorize]: module "files" returns ok for request 0
  modcall: group authorize returns ok for request 0
    rad_check_password:  Found Auth-Type Accept
    rad_check_password: Auth-Type = Accept, accepting the user
  Login OK: [jhornex] (from client localhost port 0)
  Sending Access-Accept of id 207 to 127.0.0.1:40590
  Finished request 0
  Going to the next request
=======================================

As can be seen it says 'Login OK' but seems to be missing the:

    Sending Access-Accept of id 209 to 127.0.0.1:40603
        MS-CHAP2-Success =
0x01533d36364635423233344331414344363438463746353946443832353834324437424131433645464332
        MS-MPPE-Recv-Key = 0x4ca560566ccfe8dc36dff7f0ca4105b0
        MS-MPPE-Send-Key = 0x87b29ea1f2f4d997c695b364e22fbb80
        MS-MPPE-Encryption-Policy = 0x00000002
        MS-MPPE-Encryption-Types = 0x00000004
    Finished request 0



John

-- 
---------------------------------------------------------------
John Horne, University of Plymouth, UK  Tel: +44 (0)1752 233914
E-mail: [EMAIL PROTECTED]       Fax: +44 (0)1752 233839



- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Reply via email to