Re: [RADIATOR] Tacacs password issue
Hi, >We have a starange password issue on radiator tacacs.We setup password >length to 8.When user enter 7 character password access rejected,that is >ok.But when a user enters more than 8 characters(like 9,10 etc) He can >login to the related device.What can be the problem? if its standard DES then anything beyong the 8th char is ignored. alan ___ radiator mailing list radiator@open.com.au http://www.open.com.au/mailman/listinfo/radiator
Re: [RADIATOR] Tacacs password issue
Hi, How are your passwords stored? DES/traditional crypt hashes chops off anything longer than 8 chars. Original message From: Murat Bilal Date: To: radiator@open.com.au Subject: [RADIATOR] Tacacs password issue Hi ALL, We have a starange password issue on radiator tacacs.We setup password length to 8.When user enter 7 character password access rejected,that is ok.But when a user enters more than 8 characters(like 9,10 etc) He can login to the related device.What can be the problem? Thanks___ radiator mailing list radiator@open.com.au http://www.open.com.au/mailman/listinfo/radiator
[RADIATOR] Tacacs password issue
Hi ALL, We have a starange password issue on radiator tacacs.We setup password length to 8.When user enter 7 character password access rejected,that is ok.But when a user enters more than 8 characters(like 9,10 etc) He can login to the related device.What can be the problem? Thanks ___ radiator mailing list radiator@open.com.au http://www.open.com.au/mailman/listinfo/radiator
[RADIATOR] SIGHUP restart and AuthByRADSEC opens an additional socket
Hi Radiator team, a SIGHUP to a running radiator (Version 4.11) opens an additional socket for AuthByRADSEC: before SIGHUP > mizar:.../~# netstat -f inet -P tcp -n | grep 193.*2083 > 134.60.Y.X.45917 193.174.Y.X.2083 64128 0 128872 0 ESTABLISHED after SIGHUP > mizar:.../~# netstat -f inet -P tcp -n | grep 193.*2083 > 134.60.Y.X.45917 193.174.Y.X.2083 64128 0 128872 0 ESTABLISHED > 134.60.Y.X.57680 193.174.Y.X.2083 9792 0 128872 0 ESTABLISHED Please verify it whether it's a general problem. Best Regards Charly -- Karl Gaissmaier Universität Ulm ___ radiator mailing list radiator@open.com.au http://www.open.com.au/mailman/listinfo/radiator
Re: [RADIATOR] Radiator 4.11: WARNING: Could not find AuthBy clause with Identifier ...
Hi Heikki, Am 07.07.2013 21:19, schrieb Heikki Vatiainen: ... > Yes, that seems to be it. Thanks everyone for locating the change. I was > thrown off a bit since I was under the impression it fails with stock > 4.11. That's not the case but the change is in the 4.11 patches. It's > also not specific to Solaris either. > > We'll see what can be done for this. the problem, I see with activation during config checks, is only with socket bindings. As far as I see it's only used in: > Radius/AddressAllocatorDHCP.pm > Radius/ServerRADIUS.pm > Radius/ServerTACACSPLUS.pm > Radius/StreamServer.pm Maybe you add a condition in this modules during activate() like ... > | Radius/StreamServer.pm, sub activate() > | 93,99c93,103 > | < bind($s, $paddr) > | < || &main::log($main::LOG_ERR, "Could not bind StreamServer > socket: $!"); > | < listen($s, Socket::SOMAXCONN) > | < || &main::log($main::LOG_ERR, "Could not listen on StreamServer > socket: $!"); > | < &Radius::Select::add_file(fileno($s), 1, undef, undef, > | < \&handle_listen_socket_read, $s, $self); > | < push(@{$self->{sockets}}, $s); > | --- > | > unless ( $self->isCheckingConfiguration ) { > | > bind( $s, $paddr ) > | > || &main::log( $main::LOG_ERR, > | > "Could not bind StreamServer socket: $!" ); > | > listen( $s, Socket::SOMAXCONN ) > | > || &main::log( $main::LOG_ERR, > | > "Could not listen on StreamServer socket: $!" ); > | > &Radius::Select::add_file( fileno($s), 1, undef, undef, > | > \&handle_listen_socket_read, $s, $self ); > | > push( @{ $self->{sockets} }, $s ); > | > } Maybe we introduce other bugs in distance, sigh. Best Regards Charly -- Karl Gaissmaier Universität Ulm ___ radiator mailing list radiator@open.com.au http://www.open.com.au/mailman/listinfo/radiator