On 12/03/2009 12:56 PM, Wim De Hul wrote:
Dear members,I have an issue with the default install of freeradius on Ubuntu 9.04. I only added a user in /etc/freeradius/users: wim Cleartext-Password := "test123" I started freeradius: /usr/sbin/freeradius -X But when I try: radtest wim test123 127.0.0.1 0 testing123 I see: Sending Access-Request of id 96 to 127.0.0.1 port 1812 User-Name = "wim" User-Password = "test123" NAS-IP-Address = 192.168.1.152 NAS-Port = 0 rad_recv: Access-Reject packet from host 127.0.0.1 port 1812, id=96, length=20 In my radiusd output, I see that the passwords do not match: <snip> ++[pap] returns updated Found Auth-Type = PAP +- entering group PAP {...} [pap] login attempt with password "test123" [pap] Using CRYPT encryption. [pap] Passwords don't match ++[pap] returns reject Failed to authenticate the user. Login incorrect (rlm_pap: CRYPT password check failed): [wim/test123] (from client localhost port 0)
Does anyone have an idea of what's going on?
The message is pretty clear. You've passed a clear text password but somebody had configured freeradius to use an password encryption scheme of CRYPT, thats not part of the default configuration. Encrypted passwords won't match clear text passwords. Search the files under /etc/raddb to see who has set encryption_scheme to crypt (probably in /etc/raddb/modules/pap).
If ubuntu shipped with this configuration file a bug. If you modified the configuration files then resist the urge :-)
see: http://deployingradius.com/documents/configuration/pap.html -- John Dennis <jden...@redhat.com> Looking to carve out IT costs? www.redhat.com/carveoutcosts/ - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
