Hi All, We recently spent several days trying to track down that problem.
We are running Debian 2.2 potato (stable) which quite a few packages pulled from woody (testing), w/ shadow passwords. As per the configuration file, we uncommented the: # shadow = /etc/shadow line in the configuration file, which proved to be our mistake. We tried just about everything else we could to get it working. Unfortunately I don't have copies of the output from radiusd -X and radtest, and the server is now live. However, radtest was saying "Access-Reject packet", and radiusd -X mentioned something about group authentication and then rlm_unix: invalid something. The problem we were experiencing was the authentication against accounts in /etc/passwd|/etc/shadow were not working. We had other accounts where the password was stored in the users file, and they were working fine. Andrew Tait System Administrator Country NetLink Pty, Ltd E-Mail: [EMAIL PROTECTED] WWW: http://www.cnl.com.au 30 Bank St Cobram, VIC 3644, Australia Ph: +61 (03) 58 711 000 Fax: +61 (03) 58 711 874 "It's the smell! If there is such a thing." Agent Smith - The Matrix ----- Original Message ----- From: "Alan DeKok" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Tuesday, February 19, 2002 2:49 AM Subject: Re: Configuring to use shadow passwords > "Robert Bess" <[EMAIL PROTECTED]> wrote: > > Radius seems to be running. When I run radtest with a username that > > exists in the /etc/raddb/users file it works if I specify a password. > > > > i.e. bob Password = "bob" > > > > but not if I try to use a real system user. > > > > i.e. bob Auth-Type = Unix > > > > When I do that radtest says: Access-Reject packet from host . > > Have you run the server in debugging mode to see what's *really* > going on? > > > Is there any other reason my server might be rejecting the users in my > > system password file? > > Have you read the FAQ? > > Alan DeKok. > > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
