Re: Mysql problem
On 3/16/06, Alan DeKok <[EMAIL PROTECTED]> wrote: > "Fabiano Rodrigo Boscatto" <[EMAIL PROTECTED]> wrote: > > Hi there, i have freeradius working fine with mysql authentication. The > > problem is that the User-Password is stored in mysql table as clear text. Is > > there a way to crypt that? > > Change User-Password to Crypt-Password, and encrypt the password > with the Unix crypt() tool. > > Then CHAP & MS-CHAP stop working. > > If you want to encrypt the password with some kind of key, and then > make the key available to FreeRADIUS too, that might be useful. Maybe. > > But it's not as useful as it might first look. You're better off > controlling access to the entire MySQL DB, which contains a lot more > security information than the clear-text password. > > Alan DeKok. And what I must to do if I want to use MD5 to store the passwords? Greets, Aitor -- ab. d88b. 8P"YP"Y88 8|o||o|88 8'.88 8`._.' Y8. d/ `8b. dP .Y8b. d8:' " `::88b d8" 'Y88b :8P' :888 8a. : _a88P ._/"Yaa_: .| 88P| \YP"`| 8P `. / \.___.d|.' `--..__)P`._.' - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: No matching entry in the database for request from user...
El Miércoles, 1 de Marzo de 2006 13:51, [EMAIL PROTECTED] escribió: > Hi, > > > SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE Username = > > 'kno' ORDER BY id; > > ++--+---+---++ > > > > | id | UserName | Attribute | Value | op | > > > > +----+--+---+---++ > > > > | 1 | kno | User-Password | kk| := | > > > > ++--+---+---++ > > UserName > Username No it was not. I've truncate all tables (usergruup, etc) execept radcheck and it has work. Now to crypt passwords with md5 Thanks a lot, kNo > > ? > > alan > - > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: No matching entry in the database for request from user...
El Miércoles, 1 de Marzo de 2006 12:47, Stefan Winter escribió: > > ++--+---+---++ > > > > | id | UserName | Attribute | Value | op | > > > > ++--+---+---++ > > > > | 1 | kno | Password | kk| == | > > > > ++--+---+---++ > > Try calling the attribute "User-Password" and the op ":=" as it is > documented in lots of places and discussed very often on this list. > > Greetings, > > Stefan Winter Ok changed: SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE Username = 'kno' ORDER BY id; ++--+---+---+----+ | id | UserName | Attribute | Value | op | ++--+---+---++ | 1 | kno | User-Password | kk| := | ++--+---+---++ But the same message in the server: rlm_sql (sql): No matching entry in the database for request from user [kno] rlm_sql (sql): Released sql socket id: 4 Login incorrect (No password configured for the user): [kno/kk] (from client kno port 1) Login incorrect: [kno/kk] (from client kno port 1) rad_recv: Access-Request packet from host 80.xx.xx.xx:59454, id=214, length=55 Sending Access-Reject of id 214 to 80.xx.xx.xx:59454 More ideas? Thanks - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
No matching entry in the database for request from user...
Hi, I've just start "playing" with freeradius and I'm doing some test to learn. The authorization via files works: radtest kno1 kk 80.xx.xx.xx 1 testing123 Sending Access-Request of id 128 to 80.xx.xx.xx port 1812 User-Name = "kno1" User-Password = "kk" NAS-IP-Address = 255.255.255.255 NAS-Port = 1 rad_recv: Access-Accept packet from host 80.xx.xx.xx:1812, id=128, length=33 Reply-Message = "Hello, kno1" But I want to do it via mysql, and here is the problem. I've try to follow the notes at http://www.frontios.com/freeradius.html I've an user in the DB: SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE Username = 'kno' ORDER BY id; ++--+---+---++ | id | UserName | Attribute | Value | op | ++--+---+---++ | 1 | kno | Password | kk| == | ++------+---+---++ But the authorization fails: radtest kno kk 80.xx.xx.xx 1 testing123 Sending Access-Request of id 110 to 80.xx.xx.xx port 1812 User-Name = "kno" User-Password = "kk" NAS-IP-Address = 255.255.255.255 NAS-Port = 1 Re-sending Access-Request of id 110 to 80.xx.xx.xx port 1812 User-Name = "kno" User-Password = "kk" NAS-IP-Address = 255.255.255.255 NAS-Port = 1 [re-sending 4 times] rad_recv: Access-Reject packet from host 80.xx.xx.xx:1812, id=110, length=20 The server side log: rad_recv: Access-Request packet from host 80.xx.xx.xx:59115, id=110, length=55 User-Name = "kno" User-Password = "kk" NAS-IP-Address = 255.255.255.255 NAS-Port = 1 rlm_sql (sql): Reserving sql socket id: 4 rlm_sql_mysql: query: SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE Username = 'kno' ORDER BY id; rlm_sql_mysql: query: SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE usergroup.Username = 'kno' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id; rlm_sql_mysql: query: SELECT id,UserName,Attribute,Value,op FROM radreply WHERE Username = 'kno' ORDER BY id; rlm_sql_mysql: query: SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.Username = 'kno' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id; rlm_sql (sql): No matching entry in the database for request from user [kno] rlm_sql (sql): Released sql socket id: 4 Login incorrect (No password configured for the user): [kno/kk] (from client kno port 1) Login incorrect: [kno/kk] (from client kno port 1) rad_recv: Access-Request packet from host 80.xx.xx.xx:59115, id=110, length=55 Sending Access-Reject of id 110 to 80.xx.xx.xx:59115 I don't know where is the error, any ideas? Thanks, kNo - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html