subject:"Problem\: authenticate with \/etc\/passwd users"

Re[4]: Problem: authenticate with /etc/passwd users

2002-11-26 Thread 3APA3A

Dear Sarick,

Any  challenge-response  based  authentication  can't  work with crypted
password.  One  and  only exception is NT password which can be used for
MS-CHAP v1/2 authentication.

--Monday, November 25, 2002, 2:07:32 PM, you wrote to [EMAIL PROTECTED]:

S> Hi, firstly thanks your quick response.  :-)
S> - Original Message -
S> From: "3APA3A" <[EMAIL PROTECTED]>
S> To: "Sarick" <[EMAIL PROTECTED]>
S> Cc: <[EMAIL PROTECTED]>
S> Sent: Monday, November 25, 2002 6:50 PM
S> Subject: Re[2]: Problem: authenticate with /etc/passwd users


>> Dear Sarick,
>>
>> In  your case problem is you try to use crypyted passwords with EAP/md5.
>> For EAP/md5 you need cleartext password.
>>
S> So, what should I do if I want to use the crypted passwords?
S> Should I make the rlm_passwd module?
S> How should I config it?
S> My ambition is to make a 802.1x authentication. Authentication messages from
S> authenticating
S> supplicant (client)  be in EAP format (I use /EAP-MD5).
S> And user-names and user-passwords can be derived from the /etc/passwd file.
S> Therefore, I don't have to maintain
S> the ./raddb/users file too constantly.
S> Below is my radiusd.conf for EAP section:--
S> #  For all EAP related authentications
S> eap {
S> # Invoke the default supported EAP type when
S> # EAP-Identity response is received
S> default_eap_type = md5

S> # Default expiry time to clean the EAP list,
S> # It is maintained to co-relate the
S> # EAP-response for each EAP-request sent.
S> timer_expire = 60

S> # Supported EAP-types
S> md5 {
S> }
S> #Skip
S> ## EAP-TLS is highly experimental EAP-Type at the moment.
S> #   Please give feedback on the mailing list.
S> #tls {
S> #   private_key_password = password
S> #   private_key_file = /path/filename

S> mschap {
S> # Location of the SAMBA passwd file
S> #   passwd = /etc/smbpasswd

S> # authtype value, if present, will be used
S> # to overwrite (or add) Auth-Type during
S> # authorization. Normally should be MS-CHAP
S> authtype = MS-CHAP







-- 
~/ZARAZA
Íåïðèÿòíîñòè íà÷íóòñÿ â âîñåìü.  (Òâåí)


- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Re[2]: Problem: authenticate with /etc/passwd users

2002-11-25 Thread Sarick

Hi, firstly thanks your quick response.  :-)
- Original Message -
From: "3APA3A" <[EMAIL PROTECTED]>
To: "Sarick" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Monday, November 25, 2002 6:50 PM
Subject: Re[2]: Problem: authenticate with /etc/passwd users

> Dear Sarick,
>
> In  your case problem is you try to use crypyted passwords with EAP/md5.
> For EAP/md5 you need cleartext password.
>
So, what should I do if I want to use the crypted passwords?
Should I make the rlm_passwd module?
How should I config it?
My ambition is to make a 802.1x authentication. Authentication messages from
authenticating
supplicant (client)  be in EAP format (I use /EAP-MD5).
And user-names and user-passwords can be derived from the /etc/passwd file.
Therefore, I don't have to maintain
the ./raddb/users file too constantly.
Below is my radiusd.conf for EAP section:--
#  For all EAP related authentications
eap {
# Invoke the default supported EAP type when
# EAP-Identity response is received
default_eap_type = md5

# Default expiry time to clean the EAP list,
# It is maintained to co-relate the
# EAP-response for each EAP-request sent.
timer_expire = 60

# Supported EAP-types
md5 {
}
#Skip
## EAP-TLS is highly experimental EAP-Type at the moment.
#   Please give feedback on the mailing list.
#tls {
#   private_key_password = password
#   private_key_file = /path/filename

mschap {
# Location of the SAMBA passwd file
#   passwd = /etc/smbpasswd

# authtype value, if present, will be used
# to overwrite (or add) Auth-Type during
# authorization. Normally should be MS-CHAP
authtype = MS-CHAP

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re[2]: Problem: authenticate with /etc/passwd users

2002-11-25 Thread 3APA3A

Dear Sarick,

In  your case problem is you try to use crypyted passwords with EAP/md5.
For EAP/md5 you need cleartext password.

--Monday, November 25, 2002, 1:30:10 PM, you wrote to [EMAIL PROTECTED]:

S> Hi:
S> I am using Linux RedHat 7.3.
S> Did I make the configuration wrong?

S> Regards
S> Sarick
S> - Original Message -
S> From: "3APA3A" <[EMAIL PROTECTED]>
S> To: "Sarick" <[EMAIL PROTECTED]>
S> Cc: <[EMAIL PROTECTED]>
S> Sent: Monday, November 25, 2002 6:15 PM
S> Subject: Re: Problem: authenticate with /etc/passwd users


>> Dear Sarick,
>>
>> If you use BSD style OS this configuration is incorrect.
>>
>> See doc/rlm_passwd on how to use password files in general case.
>>
>> --Monday, November 25, 2002, 1:01:18 PM, you wrote to
S> [EMAIL PROTECTED]:
>>
>> S> Hi,
>> S> Since I want to allow the users in the /etc/passwd file to authenticate
S> with
>> S> this radius server.
>> S> Below is my radiusd.conf:--
>> S> unix {
>> S> #.
>> S> #  Cache /etc/passwd, /etc/shadow, and /etc/group
>> S> # allowed values: {no, yes}
>> S> cache = yes
>> S> #
>> S> # Reload the cache every 600 seconds (10mins). 0 to
S> disable.
>> S> cache_reload = 600
>> S> #.
>> S> # This is required for some systems, like FreeBSD,
>> S> #  and Mac OSX.
>> S> #
>> S> passwd = /etc/passwd
>> S> shadow = /etc/shadow
>> S> group = /etc/group
>> S> authenticate {
>> S> #  password can be clear-text, or encrypted...
>> S> authtype PAP {
>> S> pap
>> S> }
>> S> #  Most people want CHAP authentication...
>> S> authtype CHAP {
>> S> chap
>> S> }
>> S> #  MSCHAP authentication.
>> S> authtype MS-CHAP {
>> S> mschap
>> S> }
>> S> #   pam
>> S> #  against /etc/passwd!  See the FAQ for details.
>> S> #
>> S> unix
>> S> 
>> S> Then, I try to authenticate the radius server, but failed with the
S> followin
>> S> messages:
>> S> 
>> S> modcall: entering group authenticate
>> S> rlm_eap: Request found, released from the list
>> S> rlm_eap: EAP_TYPE - md5
>> S> rlm_eap: processing type md5
>> S> rlm_eap_md5: No password configured for this user
>> S>   modcall[authenticate]: module "eap" returns invalid
>> S> modcall: group authenticate returns invalid
>> S> auth: Failed to validate the user.
>> S> ---
>> S> I did add the user in the /etc/passwd by "useradd" and "passwd"
S> command.
>> S> Please help me. How can I solve this problem?
>> S> (I can successfully authenticate with the users in ./raddb/users.)
>> S> How can I authenticate the users in /etc/passwd?
>>
>>
>>
>> S> -
>> S> List info/subscribe/unsubscribe? See
S> http://www.freeradius.org/list/users.html
>>
>>
>> --
>> ~/ZARAZA
>> ÝÍÈÀÊàì - ïî ìîðäå!  (Ëåì)
>>
>>
>>




-- 
~/ZARAZA
Æàëî ìíå íå ïîíàäîáèòñÿ (Ñ. Ëåì)


- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Problem: authenticate with /etc/passwd users

2002-11-25 Thread Sarick

Hi:
I am using Linux RedHat 7.3.
Did I make the configuration wrong?

Regards
Sarick
- Original Message -
From: "3APA3A" <[EMAIL PROTECTED]>
To: "Sarick" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Monday, November 25, 2002 6:15 PM
Subject: Re: Problem: authenticate with /etc/passwd users


> Dear Sarick,
>
> If you use BSD style OS this configuration is incorrect.
>
> See doc/rlm_passwd on how to use password files in general case.
>
> --Monday, November 25, 2002, 1:01:18 PM, you wrote to
[EMAIL PROTECTED]:
>
> S> Hi,
> S> Since I want to allow the users in the /etc/passwd file to authenticate
with
> S> this radius server.
> S> Below is my radiusd.conf:--
> S> unix {
> S> #.
> S> #  Cache /etc/passwd, /etc/shadow, and /etc/group
> S> # allowed values: {no, yes}
> S> cache = yes
> S> #
> S> # Reload the cache every 600 seconds (10mins). 0 to
disable.
> S> cache_reload = 600
> S> #.
> S> # This is required for some systems, like FreeBSD,
> S> #  and Mac OSX.
> S> #
> S> passwd = /etc/passwd
> S> shadow = /etc/shadow
> S> group = /etc/group
> S> authenticate {
> S> #  password can be clear-text, or encrypted...
> S> authtype PAP {
> S> pap
> S> }
> S> #  Most people want CHAP authentication...
> S> authtype CHAP {
> S> chap
> S> }
> S> #  MSCHAP authentication.
> S> authtype MS-CHAP {
> S> mschap
> S> }
> S> #   pam
> S> #  against /etc/passwd!  See the FAQ for details.
> S> #
> S> unix
> S> 
> S> Then, I try to authenticate the radius server, but failed with the
followin
> S> messages:
> S> 
> S> modcall: entering group authenticate
> S> rlm_eap: Request found, released from the list
> S> rlm_eap: EAP_TYPE - md5
> S> rlm_eap: processing type md5
> S> rlm_eap_md5: No password configured for this user
> S>   modcall[authenticate]: module "eap" returns invalid
> S> modcall: group authenticate returns invalid
> S> auth: Failed to validate the user.
> S> ---
> S> I did add the user in the /etc/passwd by "useradd" and "passwd"
command.
> S> Please help me. How can I solve this problem?
> S> (I can successfully authenticate with the users in ./raddb/users.)
> S> How can I authenticate the users in /etc/passwd?
>
>
>
> S> -
> S> List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
>
>
> --
> ~/ZARAZA
> ÝÍÈÀÊàì - ïî ìîðäå!  (Ëåì)
>
>
>



- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Problem: authenticate with /etc/passwd users

2002-11-25 Thread 3APA3A

Dear Sarick,

If you use BSD style OS this configuration is incorrect.

See doc/rlm_passwd on how to use password files in general case.

--Monday, November 25, 2002, 1:01:18 PM, you wrote to 
[EMAIL PROTECTED]:

S> Hi,
S> Since I want to allow the users in the /etc/passwd file to authenticate with
S> this radius server.
S> Below is my radiusd.conf:--
S> unix {
S> #.
S> #  Cache /etc/passwd, /etc/shadow, and /etc/group
S> # allowed values: {no, yes}
S> cache = yes
S> #
S> # Reload the cache every 600 seconds (10mins). 0 to disable.
S> cache_reload = 600
S> #.
S> # This is required for some systems, like FreeBSD,
S> #  and Mac OSX.
S> #
S> passwd = /etc/passwd
S> shadow = /etc/shadow
S> group = /etc/group
S> authenticate {
S> #  password can be clear-text, or encrypted...
S> authtype PAP {
S> pap
S> }
S> #  Most people want CHAP authentication...
S> authtype CHAP {
S> chap
S> }
S> #  MSCHAP authentication.
S> authtype MS-CHAP {
S> mschap
S> }
S> #   pam
S> #  against /etc/passwd!  See the FAQ for details.
S> #
S> unix
S> 
S> Then, I try to authenticate the radius server, but failed with the followin
S> messages:
S> 
S> modcall: entering group authenticate
S> rlm_eap: Request found, released from the list
S> rlm_eap: EAP_TYPE - md5
S> rlm_eap: processing type md5
S> rlm_eap_md5: No password configured for this user
S>   modcall[authenticate]: module "eap" returns invalid
S> modcall: group authenticate returns invalid
S> auth: Failed to validate the user.
S> ---
S> I did add the user in the /etc/passwd by "useradd" and "passwd" command.
S> Please help me. How can I solve this problem?
S> (I can successfully authenticate with the users in ./raddb/users.)
S> How can I authenticate the users in /etc/passwd?



S> - 
S> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html


-- 
~/ZARAZA
ÝÍÈÀÊàì - ïî ìîðäå!  (Ëåì)


- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Problem: authenticate with /etc/passwd users

2002-11-25 Thread Sarick

Hi,
Since I want to allow the users in the /etc/passwd file to authenticate with
this radius server.
Below is my radiusd.conf:--
unix {
#.
#  Cache /etc/passwd, /etc/shadow, and /etc/group
# allowed values: {no, yes}
cache = yes
#
# Reload the cache every 600 seconds (10mins). 0 to disable.
cache_reload = 600
#.
# This is required for some systems, like FreeBSD,
#  and Mac OSX.
#
passwd = /etc/passwd
shadow = /etc/shadow
group = /etc/group
authenticate {
#  password can be clear-text, or encrypted...
authtype PAP {
pap
}
#  Most people want CHAP authentication...
authtype CHAP {
chap
}
#  MSCHAP authentication.
authtype MS-CHAP {
mschap
}
#   pam
#  against /etc/passwd!  See the FAQ for details.
#
unix

Then, I try to authenticate the radius server, but failed with the followin
messages:

modcall: entering group authenticate
rlm_eap: Request found, released from the list
rlm_eap: EAP_TYPE - md5
rlm_eap: processing type md5
rlm_eap_md5: No password configured for this user
  modcall[authenticate]: module "eap" returns invalid
modcall: group authenticate returns invalid
auth: Failed to validate the user.
---
I did add the user in the /etc/passwd by "useradd" and "passwd" command.
Please help me. How can I solve this problem?
(I can successfully authenticate with the users in ./raddb/users.)
How can I authenticate the users in /etc/passwd?



- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re[4]: Problem: authenticate with /etc/passwd users

Re: Re[2]: Problem: authenticate with /etc/passwd users

Re[2]: Problem: authenticate with /etc/passwd users

Re: Problem: authenticate with /etc/passwd users

Re: Problem: authenticate with /etc/passwd users

Problem: authenticate with /etc/passwd users

6 matches

Site Navigation

Mail list logo

Footer information