Dear Sarick, Any challenge-response based authentication can't work with crypted password. One and only exception is NT password which can be used for MS-CHAP v1/2 authentication.
--Monday, November 25, 2002, 2:07:32 PM, you wrote to [EMAIL PROTECTED]: S> Hi, firstly thanks your quick response. :-) S> ----- Original Message ----- S> From: "3APA3A" <[EMAIL PROTECTED]> S> To: "Sarick" <[EMAIL PROTECTED]> S> Cc: <[EMAIL PROTECTED]> S> Sent: Monday, November 25, 2002 6:50 PM S> Subject: Re[2]: Problem: authenticate with /etc/passwd users >> Dear Sarick, >> >> In your case problem is you try to use crypyted passwords with EAP/md5. >> For EAP/md5 you need cleartext password. >> S> So, what should I do if I want to use the crypted passwords? S> Should I make the rlm_passwd module? S> How should I config it? S> My ambition is to make a 802.1x authentication. Authentication messages from S> authenticating S> supplicant (client) be in EAP format (I use /EAP-MD5). S> And user-names and user-passwords can be derived from the /etc/passwd file. S> Therefore, I don't have to maintain S> the ./raddb/users file too constantly. S> Below is my radiusd.conf for EAP section:-------------- S> # For all EAP related authentications S> eap { S> # Invoke the default supported EAP type when S> # EAP-Identity response is received S> default_eap_type = md5 S> # Default expiry time to clean the EAP list, S> # It is maintained to co-relate the S> # EAP-response for each EAP-request sent. S> timer_expire = 60 S> # Supported EAP-types S> md5 { S> } S> #....................Skip S> ## EAP-TLS is highly experimental EAP-Type at the moment. S> # Please give feedback on the mailing list. S> #tls { S> # private_key_password = password S> # private_key_file = /path/filename S> mschap { S> # Location of the SAMBA passwd file S> # passwd = /etc/smbpasswd S> # authtype value, if present, will be used S> # to overwrite (or add) Auth-Type during S> # authorization. Normally should be MS-CHAP S> authtype = MS-CHAP -- ~/ZARAZA Неприятности начнутся в восемь. (Твен) - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html