Alan DeKok wrote:
Florian Prester [EMAIL PROTECTED] wrote:
1.) PAP is just the clear-text password???
Yes.
- I thought pap is hashing the password with a challenge (MD-5).
Stop worrying about it. PAP is the clear-text password.
Got it now, thanks!
So I want to
Thanks, I'll try that.
Patrik Backentoft
Alan DeKok wrote:
Patrik Backentoft [EMAIL PROTECTED] wrote:
is this possible at all, i.e. not entering user name and password and
only use CallingStationId?
yes.
DEFAULT Calling-Station-Id == "foo", Auth-Type := Accept
Hi All,
I would really appriciate, if you would kindly help me
out.
I'm trying to install FreeRadius-1.0.4(downloaded from
freeradius.org) on Solaris OS 10 (SPARC) as below:
/usr/local/src/freeradius-1.0.4# ./configure
/usr/local/src/freeradius-1.0.4# make
Hi,
We are particulary intrested to solve the problem of
Theft of password.
(snipp)
The advantage of this scheme is proxy
radius server cannot see password in clear text.
Why send clear text passwords over the net at all?
I.e., why don't you simply use CHAP or a similar
protocol?
Hello All,
I have mac address auth such as the example below in my users file
00097c78dd2d Auth-Type := Local, User-Password == 00097c78dd2d
Tunnel-Type:1=13,
Tunnel-Medium-Type:1=6,
Tunnel-Private-Group-Id:1=23
I would like to add the ability to proxy peap request to another radius
I have MySQL 4.1.12 installed from binary distribution in Debian Linux and
I'm trying to install freeradius 1.0.4
Include and lib path for MySQL are correct:
./configure --with-mysql-include-dir=/usr/local/mysql/include --with-mysql-l
ib-dir=/usr/local/mysql/lib
But output of configure script
Hi all!
I execute an external script as soon as I get an Access- or an
Accounting-Request. The scripts collects (from the environment
variables) all the attributes received and writes them to a Database. I
encountered a problem recently. The attribute User-Name is missing (its
value equals
hi - we're successfully using snmp to monitor the freeradius statistics.
however - when freeradius is restarted with HUP signal, the snmp connection
doesn't work. i'm not too familair with snmp/smuc but i'm guessing
freeradius is not reconnecting to snmpd?
to solve this we have to restart snmpd
Hi Kevin
Thanks for such a quick reply. I added the line you specified to my
proxy.conf file and now when I run my radius server I get the following
error:
/usr/local/etc/raddb # radiusd -X
[1] 11158
/usr/local/etc/raddb # Starting - reading configuration files ...
reread_config: reading
Hi Everybody,
I found the solution to the task I described, it is quite simple. I
would like to share the solution with you just in case you want the same
feature in the future.
I've added post-auth callback for files module, which actually just
calls callback used for authentication.
freeradius can't connect to mysqld due to incorrect mysqld.sock path.
rlm_sql_mysql: Couldn't connect socket to MySQL server [EMAIL PROTECTED]:radius
rlm_sql_mysql: Mysql error 'Can't connect to local MySQL server through
socket '/var/run/mysqld/mysqld.sock' (2)'
rlm_sql (sql): Failed to connect
Try adding it to your users file instead...
--
Chris.
- Original Message -
From: Hassan Wahid [EMAIL PROTECTED]
To: freeradius-users@lists.freeradius.org
Sent: Thursday, June 23, 2005 4:11 PM
Subject: Re: Wildcard Login
Hi Kevin
Thanks for such a quick reply. I added the line you
rashad wrote:
freeradius can't connect to mysqld due to incorrect mysqld.sock path.
rlm_sql_mysql: Couldn't connect socket to MySQL server [EMAIL PROTECTED]:radius
rlm_sql_mysql: Mysql error 'Can't connect to local MySQL server through
socket '/var/run/mysqld/mysqld.sock' (2)'
rlm_sql (sql):
Paul!
Thanks for your respond! I do keep radacct logs and I did check it. I
even run my server in debug mode and saw that the User-Name attribute is
actually there. As for the other attributes I manage to get all of them
except the User-Name! I find this very strange and it is almost driving
When I had this problem , on any environment,
not specifically freeradius, the more quick solution was make a link of the
actual pathof the mysql sock to the path where this is expected
('/var/run/mysqld/mysqld.sock'
)
Ernesto Freyre RamrezJefe de
OperacionesQnetSoluciones
problem was here:
checking for mysql/mysql.h... yes
checking for mysql_init in -lmysqlclient... no
configure: warning: mysql libraries not found.
When freeradius installation process can't find mysqlclient he thinks that
libraries are missing (these are different things).
Installing
/var/run/mysqld/mysqld.sock is the usual location of that socket. Every
program that wants to connect to mysqld through socket will per default
use that one. I dunno why you set mysql to place the socket to
/tmp/mysqld.sock.
It's not my choice. Latest MySQL binary distribution ver. 4.1.12 uses
Hi,
i use the script Ca.all for creating certificates. The first certificate
going well, because this is the first one the TXT_DB file is created.
But after the second one is created i get : failed to update database.
Soneone know why?
System: Debian/Sarge , Freeradius 1.0.4, CA.all script
Usually, applications just use whatever the installed libraries have for
the default mysqld.sock location. It would seem that you installed
MySQL 4.1.12 from mysql.com but you still have the distribution mysql
libraries lying around. The distro libraries are using
/var/run/mysql/mysqld.sock
Florian Prester [EMAIL PROTECTED] wrote:
Thu Jun 23 08:25:36 2005 : Debug: rad_check_password: Found Auth-Type
LDAP Where does this come from? # I use the NTRadPing Test
Utility
You're using an old version of the server. Install 1.0.4.
Alan DeKok.
-
List
Hassan Wahid [EMAIL PROTECTED] wrote:
I was wondering if there was a way to allow wildcards for logins. For
example, [EMAIL PROTECTED] Rather than adding thousands of users in the
users
file. This is only for a test environment.
I have looked through the users file and older archives
Tariq Rashid [EMAIL PROTECTED] wrote:
however - when freeradius is restarted with HUP signal, the snmp connection
doesn't work. i'm not too familair with snmp/smuc but i'm guessing
freeradius is not reconnecting to snmpd?
It's a known bug. See bugzilla.
Alan DeKok.
-
List
i am running FreeRadius Version 1.0.2 with MySQL 3.23.54 and a Lucent
Portmaster 3 ComOS
3.9
Here are some Snippits from radiusd.conf
prefix = /usr/local
exec_prefix = ${prefix}
sysconfdir = ${prefix}/etc
localstatedir = ${prefix}/var
sbindir = ${exec_prefix}/sbin
logdir =
Lucas Aimaretto wrote:
I'm willing to know how does my radius behave under high load
requirements. Any body knows which application to use ?
Install a CVS snapshot of FreeRADIUS on the machine which runs the
client. New options -p and -n have been added to radclient to
respectively send 'p'
On Thursday 23 June 2005 10:05, Tariq Rashid wrote:
correction - there's no need to restart snmpd - to summarise the problem
again:
* -HUP to freeradius causes problem to SMUX/snmpd
* stop then start (kill) work fine since a fresh connection is
re-established.
i suspect that
Hi Stefan,
Why send clear text passwords over the net at all?
I.e., why don't you simply use CHAP or a similar
protocol?
The problem is end-to-end security in proxy chaining envrionment. What
ever may be the protocol(CHAP or any EAP method) proxy server can see the
passwrod since it posses
Tahseen Hussain [EMAIL PROTECTED] wrote:
We are dealing with secuirty problems of Radius in proxy chaining setup
whre end-to-end security is missing.
There was a proposal years ago to use kerberos to solve thus (and
other) problems, but it went nowhere.
Our idea is based on the assumtion
Tahseen Hussain [EMAIL PROTECTED] wrote:
The problem is end-to-end security in proxy chaining envrionment. What
ever may be the protocol(CHAP or any EAP method) proxy server can see the
passwrod
No. This is NOT true.
With CHAP or MS-CHAP, the proxying server does not see the password.
[EMAIL PROTECTED] wrote:
and to make a short ? long i get nothing in the log file for any users what
so ever this
is what i see:
I think it's listed as a bug on bugs.freeradius.org
Mon Jun 20 07:58:34 2005 : Error: Ignoring request from unknown client
90.0.0.163:2253
Huh? Of course
hello,I had a problem with my freeradius. when I debug
and send radest there no rad-recev about
accounting-request there only about access-request.
can anyone help me whats wrong with my configuration??
Starting - reading configuration files ...
reread_config: reading radiusd.conf
Config:
hello,I had a problem with my freeradius. when I debug
and send radest there no rad-recev about
accounting-request there only about access-request.
can anyone help me whats wrong with my configuration??
Starting - reading configuration files ...
reread_config: reading radiusd.conf
Config:
31 matches
Mail list logo