subject:"compiling pam radius module"

Re: compiling pam radius module

2011-08-24 Thread g17jimmy

I'm sure this won't surprise anyone, but the problem had nothing to do with
radius. I had only entered the radius module in the pam config for ssh, but
I had a kerberos config in the system auth pam config. When I enabled debug
for the radius module I saw the kerberos realm info being passed in syslog.
I entered the pam-radius module in the system-auth config and everything
works.



--
View this message in context: 
http://freeradius.1045715.n5.nabble.com/compiling-pam-radius-module-tp4727149p4730628.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

compiling pam radius module

2011-08-23 Thread g17jimmy

I am trying to get pam radius module to work but the module does not seem to
be encrypting properly. When I test using radtest authentication works, but
when attempting a pam authentication the password shows as garbage. I have
verified that the shared secret I'm using is the same for both
configurations.

I will post debug logs shortly.

--
View this message in context: 
http://freeradius.1045715.n5.nabble.com/compiling-pam-radius-module-tp4727149p4727149.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: compiling pam radius module

2011-08-23 Thread g17jimmy

This is the output from the compile. Are the messages here anything to be
concerned with?

[root@csp pam_radius-1.3.17]# make 
cc -Wall -fPIC -c pam_radius_auth.c -o pam_radius_auth.o
pam_radius_auth.c: In function ‘talk_radius’:
pam_radius_auth.c:886: warning: pointer targets in passing argument 6 of
‘recvfrom’ differ in signedness
pam_radius_auth.c: In function ‘pam_sm_authenticate’:
pam_radius_auth.c:1102: warning: assignment from incompatible pointer type
cc -Wall -fPIC   -c -o md5.o md5.c
ld -Bshareable pam_radius_auth.o md5.o -lpam -o pam_radius_auth.so

--
View this message in context: 
http://freeradius.1045715.n5.nabble.com/compiling-pam-radius-module-tp4727149p4727343.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: compiling pam radius module

2011-08-23 Thread Alan DeKok

g17jimmy wrote:
 This is the output from the compile. Are the messages here anything to be
 concerned with?

  No.

 [root@csp pam_radius-1.3.17]# make 
 cc -Wall -fPIC -c pam_radius_auth.c -o pam_radius_auth.o
 pam_radius_auth.c: In function ‘talk_radius’:
 pam_radius_auth.c:886: warning: pointer targets in passing argument 6 of
 ‘recvfrom’ differ in signedness
 pam_radius_auth.c: In function ‘pam_sm_authenticate’:
 pam_radius_auth.c:1102: warning: assignment from incompatible pointer type
 cc -Wall -fPIC   -c -o md5.o md5.c
 ld -Bshareable pam_radius_auth.o md5.o -lpam -o pam_radius_auth.so
 
 --
 View this message in context: 
 http://freeradius.1045715.n5.nabble.com/compiling-pam-radius-module-tp4727149p4727343.html
 Sent from the FreeRadius - User mailing list archive at Nabble.com.
 
 -
 List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: compiling pam radius module

2011-08-23 Thread g17jimmy

I didn't think so, just making sure. I'll test more and post the output.

--
View this message in context: 
http://freeradius.1045715.n5.nabble.com/compiling-pam-radius-module-tp4727149p4727533.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: compiling pam radius module

2011-08-23 Thread g17jimmy

 request to realm NULL 
++[suffix] returns updated
[eap] No EAP-Message, not doing EAP
++[eap] returns noop
++[unix] returns notfound
++[files] returns noop
[ldap] performing user authorization for rsguser
[ldap] WARNING: Deprecated conditional expansion :-.  See man unlang for
details
[ldap]  expand: (uid=%{Stripped-User-Name:-%{User-Name}}) - (uid=rsguser)
[ldap]  expand: dc=remoteservices,dc=CSPKRB - dc=remoteservices,dc=CSPKRB
rlm_ldap: ldap_get_conn: Checking Id: 0
rlm_ldap: ldap_get_conn: Got Id: 0
rlm_ldap: attempting LDAP reconnection
rlm_ldap: (re)connect to localhost:389, authentication 0
rlm_ldap: bind as / to localhost:389
rlm_ldap: waiting for bind result ...
rlm_ldap: Bind was successful
rlm_ldap: performing search in dc=remoteservices,dc=CSPKRB, with filter
(uid=rsguser)
[ldap] checking if remote access for rsguser is allowed by dialupAccess
[ldap] looking for check items in directory...
[ldap] looking for reply items in directory...
WARNING: No known good password was found in LDAP.  Are you sure that the
user is configured correctly?
[ldap] user rsguser authorized to use remote access
rlm_ldap: ldap_release_conn: Release Id: 0
++[ldap] returns ok
++[expiration] returns noop
++[logintime] returns noop
++[pap] returns noop
  WARNING: Empty section.  Using default return values.
Sending Access-Request of id 241 to 192.168.10.108 port 1812
User-Name = rsguser
User-Password = \010\n\r\177INCORRECT
NAS-IP-Address = 192.168.10.107
NAS-Identifier = sshd
NAS-Port = 18542
NAS-Port-Type = Virtual
Service-Type = Authenticate-Only
Calling-Station-Id = CSID IP ADDRESS -- removed
Proxy-State = 0x3631
Proxying request 0 to home server 192.168.10.108 port 1812
Sending Access-Request of id 241 to 192.168.10.108 port 1812
User-Name = rsguser
User-Password = \010\n\r\177INCORRECT
NAS-IP-Address = 192.168.10.107
NAS-Identifier = sshd
NAS-Port = 18542
NAS-Port-Type = Virtual
Service-Type = Authenticate-Only
Calling-Station-Id = CSID IP ADDRESS -- removed
Proxy-State = 0x3631
Going to the next request
Waking up in 0.8 seconds.
rad_recv: Access-Reject packet from host 192.168.10.108 port 1812, id=241,
length=24
Proxy-State = 0x3631
+- entering group post-proxy {...}
[eap] No pre-existing handler found
++[eap] returns noop
Login incorrect (Home Server says so): [rsguser] (from client 192.168.0.0/16
port 18542 cli [IP ADDRESS -- removed]
+- entering group REJECT {...}
[attr_filter.access_reject] expand: %{User-Name} - rsguser
 attr_filter: Matched entry DEFAULT at line 11
++[attr_filter.access_reject] returns updated
Delaying reject of request 0 for 1 seconds
Going to the next request
Waking up in 0.9 seconds.
Sending delayed reject for request 0
Sending Access-Reject of id 61 to 192.168.10.109 port 19567
Waking up in 4.7 seconds.
Cleaning up request 0 ID 61 with timestamp +2475
Ready to process requests.


--
View this message in context: 
http://freeradius.1045715.n5.nabble.com/compiling-pam-radius-module-tp4727149p4727853.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: compiling pam radius module

2011-08-23 Thread ken Brown

Hello,

 So when do you want to get your goods?
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: compiling pam radius module

compiling pam radius module

Re: compiling pam radius module

Re: compiling pam radius module

Re: compiling pam radius module

Re: compiling pam radius module

Re: compiling pam radius module

7 matches

Site Navigation

Mail list logo

Footer information