Hi Alan, To give some more debug, the below print is what I am getting on client side. Can you please look in to it?
"pam_radius_auth: packet from RADIUS server 192.168.100.19 fails verification: The shared secret is probably incorrect." Regards, Deep On Mon, Oct 29, 2012 at 6:54 PM, Deep Shah <deep.s...@strixsystems.com>wrote: > Hi, > > > I am trying to integrate linux-pam library and pam_radius_auth module to > my busybox 1.17.3 version. I want to login through radius server on the > host machine. I am using power pc as my board. I have configured the files > of configuration as below. > > *client.conf* * (conf file)* > client 192.168.100.26 { > secret = testing123 > } > > *user (conf file)* > > test Auth-Type := PAP, Cleartext-Password := "testpass" > Reply-Message = "Hello, %{User-Name}, you have successfully > authenticated your login" > > I am getting request on the server side but some error is coming on the > server of password mismatch. Please find the below log for the same. > > rad_recv: Access-Request packet from host 192.168.100.26 port 2970, > id=106, length=69 > User-Name = "test" > User-Password = "C\2758\330E\345RZ\3707\227\001\265[\202H" > NAS-Identifier = "login" > NAS-Port = 1945 > NAS-Port-Type = Virtual > Service-Type = Authenticate-Only > # Executing section authorize from file > /usr/local/etc/raddb//sites-enabled/default > +- entering group authorize {...} > ++[preprocess] returns ok > ++[chap] returns noop > ++[mschap] returns noop > ++[digest] returns noop > [suffix] No '@' in User-Name = "test", looking up realm NULL > [suffix] No such realm "NULL" > ++[suffix] returns noop > [eap] No EAP-Message, not doing EAP > ++[eap] returns noop > [files] users: Matched entry test at line 54 > [files] expand: Hello, %{User-Name}, you have successfully > authenticated your login -> Hello, test, you have successfully > authenticated your login > ++[files] returns ok > ++[expiration] returns noop > ++[logintime] returns noop > ++[pap] returns updated > Found Auth-Type = PAP > > !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! > !!! Replacing User-Password in config items with > Cleartext-Password. !!! > > !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! > !!! Please update your configuration so that the "known > good" !!! > !!! clear text password is in Cleartext-Password, and not in > User-Password. !!! > > !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! > # Executing group from file /usr/local/etc/raddb//sites-enabled/default > +- entering group PAP {...} > [pap] login attempt with password "C�8�E�RZ�7??�[?H" > [pap] Using clear text password "testpass" > [pap] Passwords don't match > ++[pap] returns reject > Failed to authenticate the user. > WARNING: Unprintable characters in the password. Double-check the > shared secret on the server and the NAS! > Using Post-Auth-Type Reject > # Executing group from file /usr/local/etc/raddb//sites-enabled/default > +- entering group REJECT {...} > [attr_filter.access_reject] expand: %{User-Name} -> test > attr_filter: Matched entry DEFAULT at line 11 > ++[attr_filter.access_reject] returns updated > Delaying reject of request 1 for 1 seconds > Going to the next request > Waking up in 0.9 seconds. > Sending delayed reject for request 1 > Sending Access-Reject of id 106 to 192.168.100.26 port 2970 > Reply-Message = "Hello, test, you have successfully authenticated your > login" > Waking up in 4.9 seconds. > Cleaning up request 1 ID 106 with timestamp +37 > Ready to process requests. > > Can you please suggest what might be the issue is? I am getting password > as not readable string when I have used the correct password in radius > client and radius server. > > Regards, > Deep > > >
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html