Hello all,
I have searched the mailing list archived and have failed to find a solution
to my particular problem.
I am trying to switch the entries in our users file from Unix crypt to MD5
encryption. My entry in the users file looks like this:
mikelampson Auth-Type := PAP, Crypt-Password ==
"cc03e747a6afbbcbf8be7668acfebee5"
Service-Type = Framed-User,
Framed-Protocol = PPP,
Framed-IP-Address = 255.255.255.254,
Framed-IP-Netmask = 255.255.255.255,
Framed-Compression = Van-Jacobson-TCP-IP
The above Crypt-Password is for the string "test123" and was generated by
using the md5_hex function from the Digest::MD5 Perl library.
The top portion of the authenticate section of radiusd.conf is as follows:
Auth-Type PAP {
pap
}
And the pap section looks like this:
# PAP module to authenticate users based on their stored password
#
# Supports multiple encryption schemes
# clear: Clear text
# crypt: Unix crypt
# md5: MD5 ecnryption
# sha1: SHA1 encryption.
# DEFAULT: crypt
pap {
#encryption_scheme = crypt
encryption_scheme = md5
}
And finally the relevant lines when running radiusd -X is as follows:
rad_recv: Access-Request packet from host xxx.xxx.xxx.xxx:3091, id=26,
length=51
User-Name = "mikelampson"
User-Password = "test123"
modcall: entering group authorize for request 1
modcall[authorize]: module "preprocess" returns ok for request 1
modcall[authorize]: module "chap" returns noop for request 1
rlm_realm: No '@' in User-Name = "mikelampson", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 1
users: Matched mikelampson at 129
modcall[authorize]: module "files" returns ok for request 1
modcall: group authorize returns ok for request 1
rad_check_password: Found Auth-Type PAP
auth: type Crypt
auth: Failed to validate the user.
I am using NTRadPing to generate the request.
Any suggestions appreciated.
Thanks,
Mike
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
