Re: Mac Auth with MySQL

Wed, 17 Mar 2010 08:20:49 -0700 

Hi,
I also tried MAC based authentication. Users can logged in successfully but if some others users know the MAC he can also connect. How to check MAC against CLI. Any help 


Best regards,

Fazal



----- Original Message ----- 
From: "Teguh Kurniawan" <teguhkurniawanwij...@gmail.com>

To: "FreeRadius users mailing list" <freeradius-users@lists.freeradius.org>
Sent: Tuesday, March 16, 2010 1:52 AM
Subject: Re: Mac Auth with MySQL



On Tue, Mar 16, 2010 at 2:33 AM, Alan Buxey <a.l.m.bu...@lboro.ac.uk> 
wrote:

Hi,


I'll try to make Mac Authentication with MySQL backend. But I always 
rejected.

Mac Authentication only works if I add like the following lines into
the /etc/raddb/users.




90:4 C: E5: 6C: 7E: B6 Auth-Type: = Accept

I use OpenBSD 4.6, FreeRadius 2.1.3 and MySQL 5.0.83.
What should I do, to make it work with MySQL ?




very easy. just set the username to the MAC address and set the value of 
the
clear text password to be the MAC address to. i dont know WHY you've set 
the

value to 'testpwd' - when you use MAC authentication, then the password
is the MAC. ie


Database changed
mysql> select * from radcheck;
+----+-------------------+-----------+----+---------+
| id | username | attribute | op | value |
+----+-------------------+-----------+----+---------+
| 2 | 90:4C:E5:6C:7E:B6 | Password | == | testpwd |
+----+-------------------+-----------+----+---------+



nope. use this

id username attribute op value
10 90:4C:E5:6C:7E:B6 Cleartext-Password := 90:4C:E5:6C:7E:B6


Tue Mar 16 00:40:41 2010 : Debug: WARNING: Are you sure you don't mean
Cleartext-Password?


see that hint?


if your kit doesnt transmit the correct details in the RADIUS - ie it 
doesnt
transmit the MAC as the password, then you'll have to set the Accept..but 
that

can also be done in the SQL! eg

id username attribute op value
11 90:4C:E5:6C:7E:B6 Auth-Type := Accept


it work's. Thank's


alan
-

List info/subscribe/unsubscribe? See 
http://www.freeradius.org/list/users.html




-

List info/subscribe/unsubscribe? See 
http://www.freeradius.org/list/users.html




-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html






















					Reply via email to