You can load clients dynamically. There should be examples in sites-available.
-Arran
> nobody can help?
>
> --
> View this message in context:
> http://freeradius.1045715.n5.nabble.com/Shared-Secret-UAM-Secret-tp4275444p4278172.html
> Sent from the FreeRadius - User mailing list archive at Na
nobody can help?
--
View this message in context:
http://freeradius.1045715.n5.nabble.com/Shared-Secret-UAM-Secret-tp4275444p4278172.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
pulse@lists.freeradius.org] On
Behalf Of Alan DeKok
Sent: Tuesday, February 01, 2011 3:45 AM
To: FreeRadius users mailing list
Subject: Re: shared-secret
Travis Dimmig wrote:
> freeRadius seems to have a 32 character limit on the length of the
> shared-secret.
No.
If you're seeing that, either the
Travis Dimmig wrote:
> freeRadius seems to have a 32 character limit on the length of the
> shared-secret.
No.
If you're seeing that, either the documentation is out of date, or
you're using a ~10 year-old version of the server.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://ww
Hi,
> freeRadius seems to have a 32 character limit on the length of the
> shared-secret. Is there any way to override that or use a longer
> shared-secret?
there have been discussions about this in the past. at the time, common
length was 16 char 32 is big..and with Message-Authenticato
Cesar De la Hoz wrote:
> I want to setup a Client in my server by only setting his IP, and not caring
> about the share secret he's using. Is this possible ?
No.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Alan DeKok wrote:
> (1) The shared secret is wrong
> (2) The code is buggy
>
> There are no alternatives.
>
> This is often due to broken MD5 libraries, or 32/64-bit issues. But
> FreeRADIUS hasn't had those kind of bugs for *years*.
Yep, you were right, there must be some corruption
Alan DeKok wrote:
> (1) The shared secret is wrong
> (2) The code is buggy
>
> There are no alternatives.
>
> This is often due to broken MD5 libraries, or 32/64-bit issues. But
> FreeRADIUS hasn't had those kind of bugs for *years*.
I suspect you may well be right.
Upgrading FC6 hasn
ken wrote:
...
> User-Password = "\356za\360V\202oljug\263\025M!)"
(1) The shared secret is wrong
(2) The code is buggy
There are no alternatives.
This is often due to broken MD5 libraries, or 32/64-bit issues. But
FreeRADIUS hasn't had those kind of bugs for *years*.
Alan D
Hi,
> I acan make ntlm_auth work from command line but not from
> FreeRadius yet - so I dropped it and am trying to ensure I can
> run a minimal test.
permissions. make sure that /var/cache/samba/winbind_priviledged
is owned by freeradius or the freeradius group.
alan
-
List info/subscribe/un
Edvin Seferovic wrote:
> Does this have anything to do with the authentication method and AD ? I
> don't think so.
Neither do I! We're not looking at AD yet. A colleague of mine
tried to set it up for JRS by roughly copying someone else's
configuration. It failed. So I reinstalled FreeRadius a
Josh Howlett wrote:
> What happens if, using radtest, you specify the username *without* the
> realm from the remote machine?
It fails just the same way
It fails whether user is in /etc/passwd or /etc/raddb/users
It fails whether "Auth := local" is in there or not
It fails whether I check for
EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]
g] On Behalf Of Josh Howlett
Sent: Dienstag, 03. Juli 2007 23:19
To: [EMAIL PROTECTED]; FreeRadius users mailing list
Cc: Josh Howlett
Subject: RE: "Shared secret is incorrect" - but it is identical!
Hi Ken,
What happens if, using radtest, you spec
Hi Ken,
What happens if, using radtest, you specify the username *without* the
realm from the remote machine?
josh.
> -Original Message-
> From:
> [EMAIL PROTECTED]
> us.org
> [mailto:[EMAIL PROTECTED]
freeradius.org] On Behalf Of ken
> Sent: 03 July 2007 22:02
> To: FreeRadius users
There's more going on the exchange than a simple authentication.
The data in the Access-Request packet may have correct data for
authentication. The server will correctly authenticate the entity.
However server signs the response packet with a different secret than
the client making the signa
Hi Peter,
I had same issue on Suse 9.1/64bit version. Some stupid library was broken (
I think the LIBLTDL = /usr/lib64/libltdl.so was wrong ). That had the whole
stuff messed up. Since I am not familiar with NetBSD, maybe you should
consider asking the same question on their mailing list about th
In message <[EMAIL PROTECTED]>, Josh Howlett writes:
>Have you tried putting the secret in clients.conf? I thought the clients
>file was deprecated.
I haven't, and you're probably right that it is. I'll have a look at that.
-s
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/li
Have you tried putting the secret in clients.conf? I thought the clients
file was deprecated.
josh.
Peter Seebach wrote:
Okay, I'm sorta stumped here. I'm getting the exact behavior described for
"shared secret is wrong", but I am pretty confident that it isn't.
FreeRadius 1.1.1, installed o
-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Seferovic
Edvin
Sent: Tuesday, May 24, 2005 11:46 AM
To: freeradius-users@lists.freeradius.org
Subject: RE: shared secret problem
Hi,
you welcome ;) If you contact Novell/SuSE and get an answer about this topic
( or maybe a
delayed.
Regards,
Edvin Seferovic
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Kris
Sent: Dienstag, 24. Mai 2005 18:24
To: freeradius-users@lists.freeradius.org
Subject: RE: shared secret problem
Thanks so much for the information and quick response
, May 24, 2005 11:17 AM
To: freeradius-users@lists.freeradius.org
Subject: RE: shared secret problem
BINGO... there u go ;)
I was using SuSE PRO 9.1 on x86_64 WHICH WAS BROKEN !! SuSE changed this in
the next version 9.2. Aparently SLES 9 has the same problem. You could try
contacting Novell/SuSe
Regards,
Edvin Seferovic
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Kris
Sent: Dienstag, 24. Mai 2005 17:59
To: freeradius-users@lists.freeradius.org
Subject: RE: shared secret problem
So sorry, I'm using SLES 9 for x86_64
--Kris
-Orig
So sorry, I'm using SLES 9 for x86_64
--Kris
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Seferovic
Edvin
Sent: Tuesday, May 24, 2005 10:50 AM
To: freeradius-users@lists.freeradius.org
Subject: RE: shared secret problem
Hi,
can you tell us
Hi,
can you tell us what operating system are you using?
I had recently problems with SuSE 9.1 where some packages were broken and
therefore the shared secret auth wasn't functioning.
Regards,
Edvin Seferovic
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf
5 21:20
To: freeradius-users@lists.freeradius.org
Subject: Re: shared secret problem !!!
Do you happen to be using the 64 bit version of FreeRadius from the RPM? If
so
I found it horribly broken. To fix it I:
1. Installed the RPM source.
2. Unbzipped the source.
3. Went into the Make.inc file an
Do you happen to be using the 64 bit version of FreeRadius from the RPM? If so
I found it horribly broken. To fix it I:
1. Installed the RPM source.
2. Unbzipped the source.
3. Went into the Make.inc file and modified one line to read:
LIBLTDL = /usr/lib64/libltdl.so
4. Re-bzipped the so
"PS" <[EMAIL PROTECTED]> wrote:
> ... if a nas sends invalid shared secret I still get it's access
> request packet processed, but only the User-Password is modified
> (with trash).
That's the way RADIUS works.
> As I found out, there is no such problem for accounting packets -
> they are autom
On Thu, 13 May 2004 16:38:37 +0400
"Alexander M. Pravking" <[EMAIL PROTECTED]> wrote:
> On Thu, May 13, 2004 at 11:25:34AM +0100, Graeme Hinchliffe wrote:
> > Well assuming JUST the alphabet was used in the same case thats:
> >
> > 16^26 = 20282409603651670423947251286016 possible combinations
>
On Thu, May 13, 2004 at 11:25:34AM +0100, Graeme Hinchliffe wrote:
> Well assuming JUST the alphabet was used in the same case thats:
>
> 16^26 = 20282409603651670423947251286016 possible combinations
Sorry for pedantry, not 16^26 but 26^16 = 4.36087428994289e+22
;-)
That is, assuming N is a de
> Is 16 bytes enough to protect the server from brute
> force attack ?
Well assuming JUST the alphabet was used in the same case thats:
16^26 = 20282409603651670423947251286016 possible combinations
take a while to search that space.. and the limit is 32, Alan said 16 is
common.
I think we are
Lara Adianto <[EMAIL PROTECTED]> wrote:
> What is the common practice used by radius servers and
> clients ?
Not too short, not too long. 16 is a very common length.
> But Freeradius limits the shared-secret to 32. What is
> the rational behind this ?
Any longer than that, and it starts bec
31 matches
Mail list logo