Im using in Radius Client
Chap-Password. I need know if
Chap-Password send password encripted
for Radius Server or only plain-text?
for send i use
: radclient -f user.send localhost
auth test123
The file user.send is only:
User-Name=teste, Chap-Password=test1e
Im using in Radius Client
Chap-Password. I need know if
Chap-Password send password encripted
for Radius Server or only plain-text?
for send i use
: radclient -f user.send localhost
auth test123
The file user.send is only:
User-Name=teste, Chap-Password=test1e
leaobicalho [EMAIL PROTECTED] wrote:
Im using in Radius Client
Chap-Password. I need know if
Chap-Password send password encripted
for Radius Server or only plain-text?
Did you try it? Or, did you look at the source code?
Either way would be quicker than sending a question to the list
I did try it...I need know only if
when i use in radclient Chap-Password,
if chap-password send password to
server encripyted or no, undestand?
if will send plain-text or encripyted...
leaobicalho [EMAIL PROTECTED] wrote:
Im using in Radius Client
Chap-Password. I need know if
Chap
leaobicalho [EMAIL PROTECTED] wrote:
I did try it...I need know only if
when i use in radclient Chap-Password,
if chap-password send password to
server encripyted or no, undestand?
Yes, I understand very well.
Try using 'tcpdump'.
if will send plain-text or encripyted...
It follows
in the debug log:
SNIP
Thread 1 handling request 0, (1 handled so far)
User-Name = magnus
CHAP-Password = 0x01a030df1ec26de22aa48fb6095472d67d
NAS-Port-Type = Async
Calling-Station-Id = 755270XXX
Called-Station-Id = 0198308066
X-Ascend-Data
CHAP-Password = 0x01a030df1ec26de22aa48fb6095472d67d
s NAS-Port-Type = Async
s Calling-Station-Id = 755270XXX
s Called-Station-Id = 0198308066
s X-Ascend-Data-Rate = 31200
s X-Ascend-Xmit-Rate = 50667
s NAS-IP-Address = 144.130.4.5
s Acct
from the terminal server, this is what
we get in the debug log:
SNIP
Thread 1 handling request 0, (1 handled so far)
User-Name = magnus
CHAP-Password = 0x01a030df1ec26de22aa48fb6095472d67d
NAS-Port-Type = Async
Calling-Station-Id = 755270XXX
) But whever I try to
autheticate through the terminal server, I get the message back Cannot Use
CHAP-Password. (See below for debug)
I've been playing 'round with this for a few days, can't seem to hack my
way out of it. I've also scanned through the archives on the list here, to
no avail. Can
to a very minimal config (attached below) But whever I try to
autheticate through the terminal server, I get the message back Cannot Use
CHAP-Password. (See below for debug)
I've been playing 'round with this for a few days, can't seem to hack my
way out of it. I've also scanned through
info@GoldenIT [EMAIL PROTECTED] wrote:
If i can't see the passwords that means i have half the knowledge to trouble
shoot customers Login problems.
You can't get the plain-text password from a CHAP-Password. It's
impossible. The CHAP-Password method was designed specifically to
PREVENT
freeradlist@GoldenIT [EMAIL PROTECTED] wrote:
in my radius.log file, some of my customers come in as
userxyz, CHAP -password
now how can i see their passwords as i need to trouble shoot some time.
You can't. You only have the CHAP password, as it says. You don't
have
Hi everyone,
in my radius.log file, some of my customers come in as
userxyz, CHAP -password
now how can i see their passwords as i need to trouble shoot some time.
thanx
iq
- Original Message -
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Tuesday, April 09, 2002
= me
Password = \207\246\031v}\\\237f\207_\307\202#\200\366Q
modcall: entering group authorize
modcall[authorize]: module preprocess returns ok
rlm_chap: Could not find proper Chap-Password attribute in request
modcall[authorize]: module chap returns noop
rlm_ldap: - authorize
rlm_ldap
Michael S. McCollough [EMAIL PROTECTED] wrote:
I am usually not a complete idiot, but I cannot get this to work. Using the
settings for radiusd you recommended I cannot get PAP or CHAP to work. PAP
will work if I put ldap back in the authenticate section.
That's probably because you're
User-Name = me
Password = \207\246\031v}\\\237f\207_\307\202#\200\366Q
modcall: entering group authorize
modcall[authorize]: module preprocess returns ok
rlm_chap: Could not find proper Chap-Password attribute in request
modcall[authorize]: module chap returns noop
rlm_ldap
Kostas Kalevras [EMAIL PROTECTED] wrote:
Do one of the following:
1.
...
Can you add this to the default 'radiusd.conf.in'? There are enough
questions about CHAP and other modules that a template should be in
the default configuration file.
Also, it may be useful to add an 'authorize'
Please forgive if a repost. Not sure my comments below got passed
along...also wanted to tack on a a sample test packet:
sample test:
/usr/local/bin/radclient -x radius-server.mycompany.com auth
mysharedsecret radtest.txt
where radtest.txt resembles:
User-Name = someradiususer
CHAP-Password
the defacto standard, I am not sure is ms-chap and chap are used
interchangably.
From radiusd -X
rlm_ldap: Attribute Password is required for authentication. Cannot use
CHAP-Password.
I need CHAP to work with LDAP but would be happy to see it work with system
auth just to know it works
is in the authorize{} section, this is the only action it takes.
Then you authenticate{} with CHAP, which takes the CHAP-Password from the
inbound packet, and constructs a CHAP-ized version of the cleartext from
LDAP to compare it with.
-Shawn
rlm_ldap: - authenticate
rlm_ldap: Attribute User-Password
To: Michael S. McCollough
Cc: '[EMAIL PROTECTED]'
Subject: RE: CHAP-Password LDAP Auth?
On Tue, 26 Mar 2002, Michael S. McCollough wrote:
Are you using LDAP? This did not work for me. I did get the realms
working though.
Yes, but you _do not_ authenticate off of LDAP. You authorize off of LDAP
(where
Can some tell me how to override the storing of encrypted passwords?
This is a function of how you are, or the routine that enters the user data
into your ldap database is defined. Define as crypt, it goes in encrypted.
-
List info/subscribe/unsubscribe? See
AM
To: [EMAIL PROTECTED]
Subject: RE: CHAP-Password LDAP Auth?
say I will never have questions again). I have identified my problem
with CHAP as my ldap directory is storing encrypted passwords. I
removed rootdn = {crypt}q2r124lojqslk and replaced it with rootdn =
mypassword to see
PROTECTED]
Subject: RE: CHAP-Password LDAP Auth?
Can some tell me how to override the storing of encrypted passwords?
This is a function of how you are, or the routine that enters the user data
into your ldap database is defined. Define as crypt, it goes in encrypted.
-
List info/subscribe
chap was proposed, ms did their own version. Since the MS version
became the defacto standard, I am not sure is ms-chap and chap are used
interchangably.
From radiusd -X
rlm_ldap: Attribute Password is required for authentication. Cannot use
CHAP-Password.
I need CHAP to work with LDAP but would
Wed Mar 20 15:35:57 2002 : Auth: Login incorrect:
[{ed: whatever username -sko}/CHAP-Password] (from nas
UNKNOWN-NAS port 0 cli 8475061520)
If I use just User-Password, this works like a dream. Any suggetions?
Don't use CHAP.
Ok, well the UUNET docs states that I can use PAP
At 11:22 AM 3/21/2002 -0500, Shawn O'Shea wrote:
Wed Mar 20 15:35:57 2002 : Auth: Login incorrect:
[{ed: whatever username -sko}/CHAP-Password] (from nas
UNKNOWN-NAS port 0 cli 8475061520)
If I use just User-Password, this works like a dream. Any suggetions?
Don't use CHAP
Chris,
Chris Parker wrote:
At 11:22 AM 3/21/2002 -0500, Shawn O'Shea wrote:
Wed Mar 20 15:35:57 2002 : Auth: Login incorrect:
[{ed: whatever username -sko}/CHAP-Password] (from nas
UNKNOWN-NAS port 0 cli 8475061520)
If I use just User-Password, this works like a dream. Any
At 12:17 PM 3/21/2002 -0500, Mike Cathey wrote:
Chris,
The qmail-ldap (http://www.nrg4u.com) code (actually IIRC it's the auth
code) supports 2 menthods of LDAP auth. One method attempts to bind to
the directory as the user, which is what it sounds like FreeRADIUS
does. The other methold is
On Thu, 21 Mar 2002, Mike Cathey wrote:
Chris,
Chris Parker wrote:
At 12:17 PM 3/21/2002 -0500, Mike Cathey wrote:
Chris,
The qmail-ldap (http://www.nrg4u.com) code (actually IIRC it's the
auth code) supports 2 menthods of LDAP auth. One method attempts to
bind to the
look at what
attributes we're recieving, so that I could build similar looking access
requests with radclient.
My problem is that the packets from them send the password as
CHAP-Password attribute. If I set this in my test data for radclient, my
freeradius 0.5 server says:
Wed Mar 20 15:35:57 2002
Shawn O'Shea [EMAIL PROTECTED] wrote:
My problem is that the packets from them send the password as
CHAP-Password attribute. If I set this in my test data for radclient, my
freeradius 0.5 server says:
Wed Mar 20 15:35:57 2002 : Auth: rlm_ldap: Attribute User-Password is
required
PROTECTED]
Subject: Re: CHAP-Password LDAP Auth?
Shawn O'Shea [EMAIL PROTECTED] wrote:
My problem is that the packets from them send the password as
CHAP-Password attribute. If I set this in my test data for radclient,
my freeradius 0.5 server says: Wed Mar 20 15:35:57 2002 : Auth:
rlm_ldap
-Original Message-
From: Shawn O'Shea [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, March 20, 2002 3:43 PM
To: [EMAIL PROTECTED]
Subject: CHAP-Password LDAP Auth?
I'm currently using Steel Belted Radius w/ UU.net and trying to replicate
the functionality of our stell belted server w
-To: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: Could not find proper Chap-Password Lucent AP
Date: Tue, 22 Jan 2002 14:56:23 +0800 (CST)
rlm_chap: could not find proper Chap-Password
attribute in request
I use Lucent AP with EAP-MD5 to interact with
FreeRadius
But The FreeRadius show the above
Hi ,
I have a problem getting server authentication when using the CHAP
password .
I'm sending a small packet consisting of following attributes
framed_ip_address
nas_ip_address
user_name
service_type
framed_protocol
chap_password
But everytime i'm sending i'm receiving an Access Reject
Vijay Rana [EMAIL PROTECTED] wrote:
But everytime i'm sending i'm receiving an Access Reject message from
the server .Can anyone tell me what can be the reasons for this?
Not without access to your machine.
But if you run the server in debugging mode as described in the FAQ
and README,
Title: AW: AW: MS-CHAP Password
Hi Chris
I tried to change Auth-Type to MS-CHAP
result:
/opt/radius/etc/raddb/users[81]: Parse error (check) for entry uad318: Unknown value MS-CHAP for attribute Auth-Type
Errors reading /opt/radius/etc/raddb/users
radiusd.conf[506]: files: Module
38 matches
Mail list logo