Re: rlm_unix error invalid password

[Ivo Simicevic]

Alann DeKok [EMAIL PROTECTED] wrote :
  There really isn't much I can say.  The server is being told the
  password is wrong, that's why it's rejecting the user.


Try commenting lines user= and group= in radiusd.conf and start
radiusd as root.

I had the same problem. Although daemon's group was listed as being
member of shadow group it seems it wasn't working i.e. it was unable
to read /etc/shadow file .

Regards,

Ivo.



- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: rlm_unix error invalid password

[Matt Whiteley]

On Fri, 2003-08-29 at 13:51, Alan DeKok wrote:
 If the module says that the password is incorrect, then it's
 incorrect.
 
   Are you sure that the server is using the right version of crypt() ?
 
   Alan DeKok.
running in debug mode I get this:

rad_recv: Access-Request packet from host 192.168.1.102:1812, id=0,
length=44
Thread 1 assigned request 0
--- Walking the entire request list ---
Threads: total/active/spare threads = 5/1/4
Waking up in 5 seconds...
Thread 1 handling request 0, (1 handled so far)
User-Name = matt
User-Password = correct password
modcall: entering group authorize
  modcall[authorize]: module preprocess returns ok
rlm_chap: Could not find proper Chap-Password attribute in request
  modcall[authorize]: module chap returns noop
  modcall[authorize]: module mschap returns notfound
rlm_realm: No '@' in User-Name = matt, looking up realm NULL
rlm_realm: No such realm NULL
  modcall[authorize]: module suffix returns noop
users: Matched DEFAULT at 152
  modcall[authorize]: module files returns ok
modcall: group authorize returns ok
  rad_check_password:  Found Auth-Type System
auth: type System
modcall: entering group authenticate
rlm_unix: [matt]: invalid password
  modcall[authenticate]: module unix returns reject
modcall: group authenticate returns reject
auth: Failed to validate the user.
Login incorrect: [matt] (from client wlan port 0)
Delaying request 0 for 1 seconds
Finished request 0
Going to the next request
Thread 1 waiting to be assigned a request
--- Walking the entire request list ---
Threads: total/active/spare threads = 5/0/5
Sending Access-Reject of id 0 to 192.168.1.102:1812
Waking up in 1 seconds...
--- Walking the entire request list ---
Cleaning up request 0 ID 0 with timestamp 3f501f6c
Nothing to do.  Sleeping until we see a request.

I didn't feel like leaving the password in but I had three other people
confirm that it is correct case and everything in between the quotes. 
The user name is also correct for case and spelling.  I am testing from
windows with the Radius Client 1.0 from www.efinesoft.com  I was unable
to find a copy of the ntradping program.  It works with the only other
radius server I have access to.  Forgive my ignorance but I am not sure
how to check the crypt version.  I am looking into that.  I have not
changed anything and all other authentication systems have worked fine.

thanks a lot for the help.

-- 
Matt Whiteley [EMAIL PROTECTED]


- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: rlm_unix error invalid password

[Alan DeKok]

Matt Whiteley [EMAIL PROTECTED] wrote:
 I didn't feel like leaving the password in but I had three other people
 confirm that it is correct case and everything in between the quotes. 
 The user name is also correct for case and spelling.

  There really isn't much I can say.  The server is being told the
password is wrong, that's why it's rejecting the user.

  About the only thing I can suggest is source code modifications to
rlm_unix, to print both encrypted passwords, so you can see what's
going on.

  Alan DeKok.

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: rlm_unix error invalid password

[Alan DeKok]

Matt Whiteley [EMAIL PROTECTED] wrote:
 The radiusd.conf file contains a unix module for authentication and I
 have tried it with the passwd, group, and shadow files commented and
 uncommented.  I have tried running the server as root (to assure read
 access on these files) or as the default user radiusd.  Running in debug
 mode I can see the password and it is correct however authentication
 fails with:
...
 Wed Aug 27 17:49:50 2003 : Auth: rlm_unix: [matt]: invalid password

  If the module says that the password is incorrect, then it's
incorrect.

  Are you sure that the server is using the right version of crypt() ?

  Alan DeKok.


- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html