Please anybody help me... I am reposting this message, since I am hitting the dead end with this issue....
Thanks in advance... Hi to all... Does anyone have any idea why placing the following two lines into users file works perfectly with both PAP and CHAP users btest User-Password == Master1 btest Crypt-Password == "$1$KyUhHIHD$R7mAm4rPX1q4WTEJY5rKQ1" whereas placing the same two records into radcheck table doesn't work for PAP it does however work for CHAP? username | att | op | val --------------+-------------------------+----+----------- btest | User-Password | == | Master1 btest | Crypt-Password | == | $1$KyUhHIHD$R7mAm4rPX1q4WTEJY5rKQ1 It seems that rlm_sql is hitting the unencrypted password only, whereas encryption-scheme in radiusd.conf is defined crypt... Am I missing something? Any help will be appreciated Alex Savguira radius -X (version 1.0.4 ) says rad_recv: Access-Request packet from host 192.168.0.8:4544, id=47, length=45 User-Name = "btest" User-Password = "Master1" Processing the authorize section of radiusd.conf modcall: entering group authorize for request 0 modcall[authorize]: module "preprocess" returns ok for request 0 rlm_realm: No '@' in User-Name = "btest", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 0 users: Matched entry DEFAULT at line 171 users: Matched entry DEFAULT at line 173 modcall[authorize]: module "files" returns ok for request 0 radius_xlat: 'btest' rlm_sql (sql): sql_set_user escaped user --> 'btest' radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE Username = 'btest' ORDER BY id' rlm_sql (sql): Reserving sql socket id: 4 radius_xlat: 'SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE usergroup.Username = 'btest' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id' radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radreply WHERE Username = 'btest' ORDER BY id' radius_xlat: 'SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.Username = 'btest' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id' rlm_sql (sql): Released sql socket id: 4 modcall[authorize]: module "sql" returns ok for request 0 modcall[authorize]: module "domainmschap" returns noop for request 0 modcall: group authorize returns ok for request 0 rad_check_password: Found Auth-Type PAP auth: type "PAP" Processing the authenticate section of radiusd.conf modcall: entering group Auth-Type for request 0 rlm_pap: login attempt by "btest" with password Master1 rlm_pap: Using password "Master1" for user btest authentication. rlm_pap: Using CRYPT encryption. rlm_pap: Passwords don't match modcall[authenticate]: module "pap" returns reject for request 0 modcall: group Auth-Type returns reject for request 0 auth: Failed to validate the user. Login incorrect (rlm_pap: CRYPT password check failed): [btest/Master1] (from client rasdata port 0) Delaying request 0 for 1 seconds Finished request 0 Going to the next request --- Walking the entire request list --- Waking up in 1 seconds... --- Walking the entire request list --- Waking up in 1 seconds... --- Walking the entire request list --- Sending Access-Reject of id 47 to 192.168.0.8:4544 Waking up in 4 seconds... - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html