Quoting Alan DeKok <al...@deployingradius.com>:
No. You can't turn off EAP. The client is sending EAP to the server.
You need to change the client. And likely you can't, because it
*needs* to do EAP.
Indeed, the key_mgmt attribute in my wpa_supplicant.conf is set to
WPA-EAP and it looks like that's my only option. But, if you're
correct, then how is this supposed to work? You make it sound like a
catch-22.
... freeradius' debug output has changed significantly:
Read it. If the messages aren't clear, I really don't know what to do.
AFAICT, the most pertinent message is:
[pap] WARNING! No "known good" password found for the user.
Authentication may fail because of this.
However, it seems freeradius is not actually using the PAM modules,
because nothing is showing up in /var/log/auth.log (I have yet to see
it do that). Otherwise, I've checked that the Unix password for my
account on the freeradius host is correct.
Cheers,
Jaap
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html