At 16.35 19/12/2003, you wrote:
Roberto Fichera <[EMAIL PROTECTED]> wrote:
> how can I collect all the CHAP-Password or in general all encrypted
password in
> a text file ? It's possible to run some script from the pre-authorization
> section
> where the plain password is
Roberto Fichera <[EMAIL PROTECTED]> wrote:
> how can I collect all the CHAP-Password or in general all encrypted password in
> a text file ? It's possible to run some script from the pre-authorization
> section
> where the plain password is available ?
I don't k
Hi All,
I can collect all the plain text password from radius.log but
how can I collect all the CHAP-Password or in general all encrypted password in
a text file ? It's possible to run some script from the pre-authorization
section
where the plain password is available ?
Does anyone have
from an iPlanet certificate server (EAP-TLS) and also a
> username/password against LDAP. Would this be EAP-TTLS?
Yes.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
t; from an iPlanet certificate server (EAP-TLS) and also a
> username/password against LDAP. Would this be EAP-TTLS? If someone can
> point me to the correct keyword I'm sure I can figure it out from there.
Yes that would be EAP-TTLS.
You can also set the EAP-TLS-Require-Client-Cert attrib
Hello,
I have a requirement for two stage authentication for wireless networks.
Before the wireless Windows 2000/XP client is even allowed to reach the
domain, it must authenticate to the network with Digital Certs issued
from an iPlanet certificate server (EAP-TLS) and also a
username/password
On Thu, Nov 27, 2003 at 12:09:29AM -0600, Bill Brunton wrote:
> I have looked throught the FAQ, the documentation and some of the files.
> What I would like to do is take the promary server /etc/password file, and
> the /etc/shadow file, and make a .db file of the usernames and
primary.
I have looked throught the FAQ, the documentation and some of the files.
What I would like to do is take the promary server /etc/password file, and
the /etc/shadow file, and make a .db file of the usernames and passwords.
Then I would like to take that .db file, push it over to the
At 10:01 AM 11/21/2003, Stephen Fulton wrote:
Hi all,
I forgot my RADIUS book, otherwise I'd look it up. I've Google'd without
success. When I add a user without a password, I get this error message:
Auth: Login incorrect: [a-test/] (from client
10.100.5.10 port 0)
If I have
Hi all,
I forgot my RADIUS book, otherwise I'd look it
up. I've Google'd without success. When I add a user without a
password, I get this error message:
Auth: Login incorrect: [a-test/] (from client 10.100.5.10 port 0)
If I have the Password AV pair there, but without
Message -
From: "Jean-Paul Chapalain" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Thursday, November 20, 2003 1:41 PM
Subject: Re: Block User Account after 10 password failed
> Julien Gabry wrote:
> > Hello,
> >
> > I m sure that this question i
At 07:32 AM 11/20/2003, S-Quadra Security Research^WSpammers wrote:
Topic: FreeRADIUS 0.9.2 "Tunnel-Password" attribute Handling Vulnerability
Severity: Average
Release date: 20 Nov 2003
1. DESCRIPTION
The FreeRADIUS Server (http://www.freeradius.org) is a high-performance
S-Quadra Security Research <[EMAIL PROTECTED]> wrote:
> There exists a security vulnerability in FreeRADIUS up to 0.9.2,
> which may allow an attacker to mount a Denial of Service attack or
> possibly execute an arbitrary code (unproved).
I'm not sure about the code execution, but the bug is rea
S-Quadra Vendor Report #2003-11-20
Topic: FreeRADIUS 0.9.2 "Tunnel-Password" attribute Handling Vulnerability
Severity: Average
Release date: 20 Nov 2003
1. DESCRIPTION
The FreeRADIUS Server (http://www.freeradius.org) is a high-performance
and highly configurable GPL
Julien Gabry wrote:
Hello,
I m sure that this question is redundant but I didn't found answer on my
searchs.
I would like to disable the user account after 10 (more or less) bad
authententification.
I imagine that I can add parameter on the SQL query
for example, checking the bad request log with
Hello,
I m sure that this question is redundant but I didn't found answer on my
searchs.
I would like to disable the user account after 10 (more or less) bad
authententification.
I imagine that I can add parameter on the SQL query
for example, checking the bad request log with a cron, and set a
On Mon, 20 Oct 2003, [EMAIL PROTECTED] wrote:
> Hello,
>
> I am using FreeRADIUS 0.9.1 on RedHat 9.0. For testing and demo
> purposes I am using a simple users file. I would like to set up password
> expiration for the demo accounts that I create.
>
> Is it possible to
Hello,
I am using FreeRADIUS 0.9.1 on RedHat 9.0. For testing and demo
purposes I am using a simple users file. I would like to set up password
expiration for the demo accounts that I create.
Is it possible to add this to the users entry in the user file? If so, what
is the syntax.
Sorry if
Dear Matt Sapp,
rlm_mschap can process both digital and hex format. The problem is
probably here:
MS> rlm_ldap: Added password 8846F7EAEE8FB117AD06BDD830B7586C in check items
8846F7EAEE8FB117AD06BDD830B7586C added as a password to check_items. So,
NT-Password will be re-calculated w
I'm currently storing NT-Password hashes in a MySQL database, and they had to be in
the format of "0xblahblahblah".. Authentication wouldn't work until I started storing
then prefixed with the "0x". I'm not sure if they'd need to be in the same format
Matt,
Thanks for the good info. Unfortunately, that didn't resolve my problem.
Here's what's happening when I try to connect to the wireless network from a
LEAP client (username 'leap_test' password 'password'):
rlm_ldap: performing search in o=PUSD,c=US, w
g thread:
http://lists.cistron.nl/pipermail/freeradius-users/2003-March/017366.html
Based on that thread it looks to me like you need:
password_attribute = "NT-Password"
This is then mapped via the ldap.attrmap file to ntPassword (which you should be able
to change to whatever ldap
O.K., I've almost got this working...
The LDAP stores the NT password in a field called 'ntpassword'. It is
stored as a standard NT-hash - '8846F7...'. I've modified the LDAP module
section so that it uses 'password_attribute = ntpassword'. Now, if
"Michael Kopp" <[EMAIL PROTECTED]> wrote:
> > If you can pull the NT-Password out of the LDAP database, the
> > EAP/LEAP module can use it for authentication.
>
> does this mean this also applies to the newly freeradius feature
> PEAP-MSCHAP2 ?
Yes. Th
Hi,
> > Since we already have the NT
> > hashed version of the password stored in our LDAP that would work
> > beautifully. Am I reading this correctly? Or is my understanding
> clouded
> > by my need to find a solution?
>
> If you can pull the NT-Password ou
"Woods, Bryan" <[EMAIL PROTECTED]> wrote:
> Since my "real" users are in the LDAP, I won't be using the 'users' file.
> So where do I define the Auth-Type? And what value should it be set to?
You don't define the Auth-Type. The server will figure it out on
its own.
> And I'm guessing that I c
use the
'password_attribute' in which we store the ntPassword? Does that sound
correct?
Bryan
-Original Message-
From: Alan DeKok [mailto:[EMAIL PROTECTED]
Sent: Tuesday, October 14, 2003 7:55 AM
To: [EMAIL PROTECTED]
Subject: Re: LEAP, LDAP & NT-password
"Woods, Brya
"Woods, Bryan" <[EMAIL PROTECTED]> wrote:
> This all works quite nicely with the test accounts that I setup in the
> 'users' file:
>
> "testeap" Auth-Type := EAP, User-Password == "password"
Don't set Auth-Type to EAP. If there
rk. The
client is a Macintosh iBook running Mac OS 10.2.8 (the latest patches have
been applied).
This all works quite nicely with the test accounts that I setup in the
'users' file:
"testeap" Auth-Type := EAP, User-Password == "password"
Now here's my probl
Probably you need to extract your user password from the ldap entry and make it
available to eap_leap. The password should be clear text for things to work i
think. Check out doc/rlm_eap (EAP-MD5 and ldap) and doc/rlm_ldap on how to
configure password extraction in the ldap module
To complete the
On Tue, 7 Oct 2003, claufer wrote:
>
> > I didn't say that.
> >
> >
> Ok, I?m sorry then I?ve misunterstood something.
>
> >>This means that my UserPassword entry in LDAP is unecessary?
> >>
> >>
> >
> > No.
> >
>
I didn't say that.
Ok, I´m sorry then I´ve misunterstood something.
This means that my UserPassword entry in LDAP is unecessary?
No.
Ok.
I was setting up a DEFAULT password for all my LDAP users in users file.
I don't see why.
Just to see if authentication with p
claufer <[EMAIL PROTECTED]> wrote:
> hmm I'm confused now :/, so I can't use LEAP with freeradius while
> having the whole user attributes (password entry included) in LDAP for
> authentication?
I didn't say that.
> > There is no User-Password in EAP.
thanks for response Alan.
That's for doing PAP authentication against the LDAP server. EAP
isn't PAP, so you can't do EAP authentication against the LDAP server.
hmm I´m confused now :/, so I can´t use LEAP with freeradius while
having the whole user attributes (password
Hi,
I need directions how to set password
expiry. Currently I am using Authentication Type: System. I have already
tested using expired username which I have created on my Linux, but nothing
happened. How to integrate Username settings on Linux and Freeradius? Because
I push users to change
> the message below from debug. Could this error: "rlm_eap_leap: FAILED
> incorrect NtChallengeResponse from AP" has to do with the fact that
> there is no User-Password delivered from AP?
No. It means that the client failed authentication.
> Or am I wrong and there is a invisible User
fact that
there is no User-Password delivered from AP? Or am I wrong and there is
a invisible User-Password delivered with EAP Message?
Thanks for help!
regards,
cl
rad_recv: Access-Request packet from host 10.0.0.3:1070, id=46, length=138
User-Name = "user1"
Cisco-AVPair = "
claufer <[EMAIL PROTECTED]> wrote:
> rad_recv: Access-Request packet from host 141.26.244.225:1052, id=28,
> length=138
...
> EAP-Message = 0x0202000a017573657231
Which means that the EAP module must be used for authentication.
> rad_check_password: Found Auth-Type LDAP
LDAP doesn't know wha
connect
rlm_ldap: attempting LDAP reconnection
rlm_ldap: closing existing LDAP connection
rlm_ldap: (re)connect to localhost:389, authentication 0
rlm_ldap: bind as / to localhost:389
rlm_ldap: waiting for bind result ...
rlm_ldap: performing search in ou=mainz,dc=mydomain.net, with filter
(&am
I'm using freeradius with Ldap ;
I store an md5 password and a Nt password in Ldap.When a user want to login
to my cisco 7100 radius use username and the attribute User Password (where
i store the md5 password).When the user is making a vpn from a windows
client ( using mschap) radius use use
hi,
How to use FreeRadius's dynamic password auth
module ?
Orland Xiao
I'm using freeradius with Ldap ;
I store an md5 password and a Nt password in Ldap.When a user want to login
to my cisco 7100 radius use username and the attribute User Password (where
i store the md5 password).When the user is making a vpn from a windows
client ( using mschap) radius use use
Hi,
I am using freeradius 0.8.1 + freeside billing + MAXTNT. Problem is that
when I connect to MAXTNT using text file, it connects and there is no
disconnection. But when I use database (postgresql), it verifies the
password, Window shows 'Registering your computer on network' , task
Alann DeKok" <[EMAIL PROTECTED]> wrote :
> There really isn't much I can say. The server is being told the
> password is wrong, that's why it's rejecting the user.
Try commenting lines user= and group= in radiusd.conf and start
radiusd as root.
I had the same
Matt Whiteley <[EMAIL PROTECTED]> wrote:
> I didn't feel like leaving the password in but I had three other people
> confirm that it is correct case and everything in between the quotes.
> The user name is also correct for case and spelling.
There really isn't much
On Fri, 2003-08-29 at 13:51, Alan DeKok wrote:
> If the module says that the password is incorrect, then it's
> incorrect.
>
> Are you sure that the server is using the right version of crypt() ?
>
> Alan DeKok.
running in debug mode I get this:
rad_recv: Access-R
or as the default user radiusd. Running in debug
> mode I can see the password and it is correct however authentication
> fails with:
...
> Wed Aug 27 17:49:50 2003 : Auth: rlm_unix: [matt]: invalid password
If the module says that the password is incorrect, then it's
incorrect.
on these files) or as the default user radiusd. Running in debug
mode I can see the password and it is correct however authentication
fails with:
Wed Aug 27 17:49:47 2003 : Info: Listening on IP address 192.168.1.114,
ports 1812/udp and 1813/udp, with proxy on 1814/udp.
Wed Aug 27 17:49:47 2003
Dear Sunny Wong,
You can do it with smbencrypt utility from rlm_mschap module.
--Friday, August 29, 2003, 9:26:21 AM, you wrote to [EMAIL PROTECTED]:
SW> If I use mschap+freeradius+mysql,how to creat NT-password? What tools can encrypt
cleartext to nt-password?
SW> thanks?
--
~/ZARAZA
--- Original Message Below ---
From: "Sunny Wong" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Subject: How to creat NT-Password
Date: Fri, 29 Aug 2003 13:26:21 +0800
If I use mschap+freeradius+mysql,how to creat NT-password? What tools can encrypt
cleartext to nt-password?
t
If I use mschap+freeradius+mysql,how to creat NT-password? What tools can encrypt
cleartext to nt-password?
thanks獠丕~?够?撖殪够??纭囤?0~??b菏+?b策畋觎?¥
hi all,
I have setup a Freeradius 0.9.0 server and store users information into
MySQL, linux box Debian.
I try to authenticate PPP users using PPPoE but it does not work since
the user password is garbage.
For example I get:
User-Name = "John"
User-Password =
"\\\356\344\256\245\2
ssage -
From: "Zoup" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Saturday, August 16, 2003 4:39 AM
Subject: dialup_admin and user password change ?
>
> Is there any way to make a webpage so users can change they password
online ?
>
> --
> Wish You W
It depends on your backend database, but usually I use ldap with a db3
database, or a MySQL backend...
If it is a password file it's fairly simple but I wouldn't rely on it...
You could also use a pop3d script that changes the password..
But usually I write a php script that does LDAP
Is there any way to make a webpage so users can change they password online ?
--
Wish You Were Here ...
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
> > Try the CVS snapshot from tomorrow. The EAP module has been
> >massively re-written since 0.9, and that problem should NOT be
> >occuring.
>
> Massively re-written? Off the top of your head, do you know what major
> things are different? Anyway, I'll try the newest CVS tree. Thanks.
I can
I am in the process of helping a customer of ours figure this out.
He purchased a bunch of users from a competitor, but they can not provide
him with the passwords (only usernames). What I want to do is allow for the
user to pass any password, but then log what they passed.
I have set the
I need to authenticate a user if there Username (MAC Address) is in the
radcheck table, regardless of the password that is sent. The Freeradius
FAQ says this:
5.5 How do I permit access to any user regardless of password?
DEFAULT Auth-Type = Accept
I do not understand where I would
"Mike Hall" <[EMAIL PROTECTED]> wrote:
> 5.5 How do I permit access to any user regardless of password?
> DEFAULT Auth-Type = Accept
>
> I do not understand where I would put this in mysql. Is this in the
> usergroup table? Could I put it into one of the
rom: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On Behalf Of
> Brian Johnson
> Sent: Thursday, August 14, 2003 4:45 AM
> To: [EMAIL PROTECTED]
> Subject: Users without a password
>
> I am in the process of helping a customer of ours figure this out.
>
> He purchased a
"Desmond Rivet" <[EMAIL PROTECTED]> wrote:
> I don't have access to CVS at the moment; have you changed the way new EAP
> types are added?
Only slightly. The EAP sub-modules now have an 'authorize' section,
but it's not currently used for anything. The rest of the changes
involve modifying th
resolution. Is this correct? Can it be changed without modifying
the code?
I tried to get around the limitation by rigging my
password-returning-SQL-query to NOT return a password row when the current
time exceeds the expiry time. This hack was thwarted by some apparent
"caching" in FreeRA
ying
> the code?
Nope. But the source code changes should be ~40 lines or so.
> Notice that "rlm_sql: check items" does not mention a User-Password
> attribute, because there isn't any. the eap authentication module should
> complain about this but does not. How c
> The Expiration attribute seems to be the way to go, but my brief look at
> gettime() in valuepair.c seems to indicate that the attribute value only
has
> a day of resolution. Is this correct? Can it be changed without
modifying
> the code?
Nope. But the source code changes should be ~40 lin
OTECTED]
> Subject: Users without a password
>
>
> I am in the process of helping a customer of ours figure this out.
>
> He purchased a bunch of users from a competitor, but they can not provide
> him with the passwords (only usernames). What I want to do is
> allow for the
>
Thanks Alan. :)
- Brian J.
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On Behalf Of
> Alan Litster
> Sent: Thursday, August 14, 2003 5:01 AM
> To: [EMAIL PROTECTED]
> Subject: RE: Users without a password
>
>
> Hav
"Desmond Rivet" <[EMAIL PROTECTED]> wrote:
> > Try the CVS snapshot from tomorrow. The EAP module has been
> >massively re-written since 0.9, and that problem should NOT be
> >occuring.
>
> Massively re-written? Off the top of your head, do you know what major
> things are different? Anyway, I
Hi all,
The usual apologies if this has been dealt with before, or is just plain
silly.
Something has always bothered me about the way passwords are handled for
EAP-MD5 users.
An entry for an EAP user can look like this (say):
"joe" Auth-Type := eap, User-Password
hi
> An entry for an EAP user can look like this (say):
>
> "joe" Auth-Type := eap, User-Password == "hello"
> Session-Timeout = 300
>
> (side note: is the Auth-Type := eap part really necessary? I would expect
> not since the eap modul
Hi,
Have been trying to work my way around an annoying little issue I'd been
having in regards to (shadow) password expiries not being seen when using
the rlm_unix module. (Freeradius 0.9.0 installed on a test Redhat 9 server)
First off let me say that I am not an experienced C programmer
On Tue July 29 2003 18:06, Alan DeKok wrote:
> Yasser Ahmed Hosny <[EMAIL PROTECTED]> wrote:
> > I've downloaded ver 0.9.0 and I've compiled it on 64-bit and again, I've
> > got the same results. Please find the debug messages below.
>
> All I can say is that it appears that parts of the code are
Yasser Ahmed Hosny <[EMAIL PROTECTED]> wrote:
> I've downloaded ver 0.9.0 and I've compiled it on 64-bit and again, I've
> got the same results. Please find the debug messages below.
All I can say is that it appears that parts of the code are not
64-bit clean.
If you can get me an account on
51:59 2003 : Debug: Threads: total/active/spare
threads = 5/1/4 Sun Jul 27 11:51:59 2003 : Debug: Waking up in 5
seconds... Sun Jul 27 11:51:59 2003 : Debug: Thread 1 handling request
0, (1 handled so far)
User-Name = "user101"
User-Password = "test1234"
Kristina Pfaff-Harris <[EMAIL PROTECTED]> wrote:
> The problem seems to be with a 63-character username in combination with a
> 16-character password. In this case, the username isn't a local user, but
> an iPass user where it comes in with a long string that goes som
First,
the names in the DB are all case sensitive. They are 'UserName',
'Attribute', 'op', and 'Value'.
Not
'username', 'attribute', 'op', and 'value'.
Second, name of password field is either 'User-P
51:59 2003 : Debug: Threads: total/active/spare
threads = 5/1/4 Sun Jul 27 11:51:59 2003 : Debug: Waking up in 5
seconds... Sun Jul 27 11:51:59 2003 : Debug: Thread 1 handling request
0, (1 handled so far)
User-Name = "user101"
User-Password = "test1234"
On Mon, Jul 28, 2003 at 02:58:36PM +1200, Salvin Kumar wrote:
> Hi
>
> I am able to authenticate users from the database with the use of the password. And
> this is how my radcheck table looks:
>
> radius=# SELECT * from radcheck;
> id | username | a
Hi
I am able to authenticate users from the database
with the use of the password. And this is how my radcheck table
looks:
radius=# SELECT * from radcheck; id |
username | attribute | op |
value+--+---++--- 3 |
trial | password | == | test 1 |
joe
re threads =
5/1/4
Sun Jul 27 11:51:59 2003 : Debug: Waking up in 5 seconds...
Sun Jul 27 11:51:59 2003 : Debug: Thread 1 handling request 0, (1
handled so far)
User-Name = "user101"
User-Password = "test1234"
NAS-IP-Address = xxx.xxx.xxx.xxx
NAS-
Yasser Ahmed Hosny <[EMAIL PROTECTED]> wrote:
> I am sure of the secret key between the NAS and the Freeradius are the
> same. Even I've tried to use NTRadping test utility to test the Radius
> server, but still same results.
Then the server isn't doing the right thing on your 64-bit
platform.
client (32-bit), it gives me the following error:
WARNING: Unprintable characters in the password. ? Double-check the
shared secret on the server and the NAS!
I am sure of the secret key between the NAS and the Freeradius are the
same. Even I've tried to use NTRadping test utility to test th
with a
16-character password. In this case, the username isn't a local user, but
an iPass user where it comes in with a long string that goes something
like "IPASS/(sessionid)/[EMAIL PROTECTED]" as the username (the whole
string being a total of 63 characters) and any 16-character passwor
gt; we have 3 users in the huntgroup "dune" :
> *arkonen
> *fremen
> *atreide
>
>
> arkonen have the password : epice
> fremen the password : vers
> and atreide the password : sard
> but pass1 is different of pass2 and of pass3
Why do you think that users belong i
On Mon, Jul 21, 2003 at 03:12:03PM +0200, labis siegfried wrote:
> for example
>
> we have 3 users in the huntgroup "dune" :
> *arkonen
> *fremen
> *atreide
>
>
> arkonen have the password : epice
> fremen the password : vers
> and atreide the passwo
for example
we have 3 users in the huntgroup "dune" :
*arkonen
*fremen
*atreide
arkonen have the password : epice
fremen the password : vers
and atreide the password : sard
but pass1 is different of pass2 and of pass3
thanks
siegfried
A 15:05 21/07/03 +0200, Oliver Graf a écrit :
On M
On Mon, Jul 21, 2003 at 02:52:44PM +0200, labis siegfried wrote:
> but in my case, i hade different user in the same group (in huntgroups
> files) and i want to allocate 1 password per user of this group
So you want one password per user. Or do you want one password per
user per hun
but in my case, i hade different user in the same group (in huntgroups
files) and i want to allocate 1 password per user of this group
A 11:55 21/07/03 +0200, Oliver Graf a écrit :
On Mon, Jul 21, 2003 at 11:51:05AM +0200, labis siegfried wrote:
> is it possible to put the user's passwor
On Mon, Jul 21, 2003 at 11:51:05AM +0200, labis siegfried wrote:
> is it possible to put the user's password in the huntgroups files?
>
> i want one password per user, but the user are in the huntgroup file!!!
>
> how can i put the user's password in the huntgroup files
is it possible to put the user's password in the huntgroups files?
i want one password per user, but the user are in the huntgroup file!!!
how can i put the user's password in the huntgroup files!!!
thanks
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
is it possible to put the user's password in the huntgroups files? if yes ,
how can i do this?
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Chris Akens <[EMAIL PROTECTED]> wrote:
> Ok, so from all the info I have gathered it is not possible to decrypt the
> MS-CHAP password into a clear text. Is there any method to authenticate
> wireless EAP clients to a kerberos server?
Not right now.
> As of right now, things
Ok, so from all the info I have gathered it is not possible to decrypt the
MS-CHAP password into a clear text. Is there any method to authenticate
wireless EAP clients to a kerberos server? As of right now, things are
looking bleak, seeing how rlm_krb5 needs the plain-text password and MS-CHAP
Chris Akens <[EMAIL PROTECTED]> wrote:
> What I have been unable to figure out is how I pass the correct User-Pass
> attribute from LEAP to rlm_krb5 and become authenticated.
You can't. It's impossible.
The clear-text password is never sent in a LEAP packet.
Ala
I recently got kerberos auth working from FR to a krb server by means of
radtest without any errors or core dumps. However, when actually trying to
authenticate to freeradius I am getting "User-Password" attribute required.
>From what I understand that returned password must not be e
Try this ,
instead of user-password=="password" enter
Crypt-Password="encrypted password" .
You must of course encrypt the password .
On Tue, 2003-07-01 at 12:21, [EMAIL PROTECTED] wrote:
> Hi
> I am authenticating with freeradius with MD5-challenge
> But my pas
"hey my pass is crypt in the users file so decrypt it first!"
I don't know perhaps password attribute or something like this but i don't find
anything so if you could solve my problem i would be gratefull
Thanks
-
This mail sen
FreeRadius, and I have a quick questions about
> authentication. Is there a way for me to use another password file
> besides the standard /etc/passwd one? I won't go into detail, but
> I'll tell you that the primary constraint I have right now is time,
> so I'd like to
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi there,
how can I configure Radius to get out own CISCO enable password for each
user?
regards,
Oleg
-BEGIN PGP SIGNATURE-
Version: PGP 8.0
iQA/AwUBPvpN38zLGGLKlEfaEQLASACg0fG7QEpQvmKw+nW0f7Kh0LzMLOcAoPdy
wQ6Cg2aLvIaNbZYl28xyLs6r
=gR4i
Heya folks,
I'm new to the list. We're in the process of attempting to move from
Merit AAA Radius to FreeRadius, and I have a quick questions about
authentication. Is there a way for me to use another password file
besides the standard /etc/passwd one? I won't go into detail,
Hi,
Is there any way I can setup the authentication in
such a way that only a user who is requesting authentication with ip address
only 192.168.0.* will be authenticated?
the following works but only with a specific IP
address:
00904b-60603c Auth-Type := Local,
User-Password
1 - 100 of 415 matches
Mail list logo