Hello,
I have successfuly configured and tested FreeRADIUS with my MySQL schema,
everything works great for the most part.
The only part I'm having trouble with is getting FreeRADIUS to authenticate
off the passwords in the database, which are a traditional (not crypt()) md5 hash.
I have seen the md5 setting for PAP and tried both authtype pap { pap } and
authtype md5 { pap } In my radgroupcheck table, I have set the Auth-Type to
both md5 and pap, depending on which of the above I'm trying to test.
Using the radtest command line util, and the user's plaintext password, I
cannot get the user to authenticate. But if I give radtest the md5 hash, it
appears to successfuly query the user *then* do the md5 hash and match it
against the db.
If I send the query in plaintext in -X mode, I get a "pairs do not match"
error. But as I said before, with the md5 hash, the pairs match up fine then
the authenticate function is carried out.
So, after all this rambling, I guess my question is: Is there anyway to get
the server to md5 hash the password before doing the MySQL query? I believe
this would solve all my problems.
Thanks,
Jeremy
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
