Re: rlm_passwd help
Quite right! Thanks for simplifying this for me Matthew. Cheers, Dave Matthew Newton wrote: Hi, Good you got it working. Just as a couple of points: On Wed, Apr 17, 2013 at 02:16:25PM +1000, David Brodrick wrote: I got there. I added authtype = PAP to the passwd module There's no such option, so this is irrelevant. configuration and then DEFAULT Auth-Type = PAP to users. You /shouldn't/ need to do this - FR will generally work this out by itself - just make sure 'passwd' is above 'pap' in authorize. Setting this might cause you problems in the future. Cheers, Matthew - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: rlm_passwd help
Hi, Good you got it working. Just as a couple of points: On Wed, Apr 17, 2013 at 02:16:25PM +1000, David Brodrick wrote: > I got there. I added authtype = PAP to the passwd module There's no such option, so this is irrelevant. > configuration and then DEFAULT Auth-Type = PAP to users. You /shouldn't/ need to do this - FR will generally work this out by itself - just make sure 'passwd' is above 'pap' in authorize. Setting this might cause you problems in the future. Cheers, Matthew -- Matthew Newton, Ph.D. Systems Specialist, Infrastructure Services, I.T. Services, University of Leicester, Leicester LE1 7RH, United Kingdom For IT help contact helpdesk extn. 2253, - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: rlm_passwd help
Hi,
I got there. I added authtype = PAP to the passwd module configuration
and then DEFAULT Auth-Type = PAP to users.
I had tried this earlier but there was a trailing delimiter in the local
password file which wasn't in the format and this seems to have caused
the password verification to fail which threw me off.
Regards,
Dave
David Brodrick wrote:
Hi,
We're experimenting with freeradius for authenticating users in a
custom application. It was straightforward to get this authenticating
against the OS:
DEFAULT Auth-Type = System
But what we want to do is maintain a list of usernames and crypt
passwords in an external file, separate to the operating system users.
The rlm_passwd module should do what we want but I'm having some
trouble getting it to work.
In the radiusd.conf modules section I have:
passwd our_passwd {
filename = /tmp/testpwd
format = "*User-Name:Crypt-Password"
hashsize = 100
ignorenislike = no
allowmultiplekeys = no
}
In sites-enabled/default I added "our_passwd" to the authorize section.
I think that part is essentially working and on my random walks
running freeradius -X it looks like it is reading our passwd file
okay. The thing I do not understand is what to put as the Auth-Type in
the users file in order to authenticate against our file rather than
against the OS?
Any advice would be greatly appreciated.
Thanks,
Dave
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
rlm_passwd help
Hi,
We're experimenting with freeradius for authenticating users in a custom
application. It was straightforward to get this authenticating against
the OS:
DEFAULT Auth-Type = System
But what we want to do is maintain a list of usernames and crypt
passwords in an external file, separate to the operating system users.
The rlm_passwd module should do what we want but I'm having some trouble
getting it to work.
In the radiusd.conf modules section I have:
passwd our_passwd {
filename = /tmp/testpwd
format = "*User-Name:Crypt-Password"
hashsize = 100
ignorenislike = no
allowmultiplekeys = no
}
In sites-enabled/default I added "our_passwd" to the authorize section.
I think that part is essentially working and on my random walks running
freeradius -X it looks like it is reading our passwd file okay. The
thing I do not understand is what to put as the Auth-Type in the users
file in order to authenticate against our file rather than against the OS?
Any advice would be greatly appreciated.
Thanks,
Dave
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
