On Tue, Sep 23, 2003 at 09:47:33AM -0600, Kenneth Mix wrote:
Currently, when I try to authenticate a user using the PAM RADIUS module, it hangs
my freeradius server at:
pam_pass: using pamauth string radiusd for pam.conf lookup
After this it will not authenticate any other users, no matter
On Thu, Aug 28, 2003 at 10:23:26AM +0600, Eric wrote:
Has anybody linked ppp-daemon to freeradius server.
The 2.4.2b3 release of ppp has its own radiusclient, but it doesn't work.
It works. You're misconfiguring it, or something.
/fc
-
List info/subscribe/unsubscribe? See
On Thu, Aug 14, 2003 at 11:57:48AM +0200, Degrande_Samuel wrote:
I tried to track it and found the memory leak to be IN the solaris
pam modules. After some talks with other people, it seems that
every pam implementation (Solaris, Linux...) suffers from memory leak,
and everybody tell to use a
On Tue, Jul 08, 2003 at 03:54:57PM +0200, Steffen Ullrich wrote:
os: linux
version: freeradius-0.8.1
in async mode, when the authorize code gets the reply with the challenge
in the state it returns successfully but does not set the Auth-Type,
so that the authenticate code (which checks
On Mon, Jul 07, 2003 at 04:29:41PM -0700, Chris Jackson wrote:
Do you have any pointers on where to look next or if this is even
possible?
Configure your NAS to do PAP. You are doing CHAP auth, which isn't
compatible with PAM.
/fc
-
List info/subscribe/unsubscribe? See
On Wed, Jun 25, 2003 at 09:35:42PM -0700, Jacob S. Barrett wrote:
Vendor IDs assigned in the dictionary appear to get sign extended in the
attributes stream.
What version of freeradius? The current code looks correct from
inspection.
(lib/radius.c:278)
/fc
-
List
On Wed, Jun 18, 2003 at 12:14:12AM -0500, Jeff wrote:
Ok I installed version 0.8.1, but I still see the
open(/usr/local/lib/libradius-0.7.so, O_RDONLY) = 3
line. This would indicate-as you said that the linker is not working
correctly? Or looking in the wrong place?
No, if you see that it
On Wed, Jun 18, 2003 at 12:14:12AM -0500, Jeff wrote:
Ok I installed version 0.8.1, but I still see the
open(/usr/local/lib/libradius-0.7.so, O_RDONLY) = 3
line. This would indicate-as you said that the linker is not working
correctly? Or looking in the wrong place?
Here is the output
On Mon, Jun 16, 2003 at 09:27:16PM -0500, Jeff Thompson - World Net Technical Support
wrote:
Module: Loaded SQL
rlm_sql (sql): Could not link driver rlm_sql_mysql: file not found
rlm_sql (sql): Make sure it (and all its dependent libraries!) are in the
search path of your system's ld.
On Tue, Jun 17, 2003 at 07:30:57PM -0500, Jeff Thompson - World Net Technical Support
wrote:
Can someone give me some ideas here? 0.7 is the only version I can get to
work on FreeBSD, but would like to use .8.1 if it would load the mysql
modules. Anyone?
It'd be good if you could post the
On Tue, Jun 17, 2003 at 10:16:55PM -0500, Jeff Thompson - World Net Technical Support
wrote:
This was covered all yesterday, but here is the output of radiusd -x when
See below
On Tue, Jun 17, 2003 at 07:30:57PM -0500, Jeff Thompson - World Net
Technical Support wrote:
Can someone give
On Tue, Jun 17, 2003 at 10:40:57PM -0500, Jeff wrote:
[MOCKINGBIRD.ROOT][/home/jefft]# strace -e open radiusd
really should have done radiusd -X, but still the info here is good:
open(/usr/local/lib/libradius-0.7.so, O_RDONLY) = 3
first of all, this is freeradius 0.7, not 0.8.1 or CVS (CVS
On Thu, Jun 12, 2003 at 07:58:05PM +0200, Artur Hecker wrote:
all in all, your problem is rather practical, theoretically it would work.
It won't work. No AP vendor in their right mind would implement such
a thing.
Then again, no vendor in their right mind would implement static unchanging
On Wed, Jun 11, 2003 at 11:47:39AM +0200, Norbert Wegener wrote:
I suppose, there is no code available in pppd to do EAP-TLS authentication.
correct
Nevertheless: Is there any other known method to use smart cards instead
of login/password for l2tp/ipsec connections?
None that pppd
On Tue, May 27, 2003 at 08:41:20PM +0800, Zhou Ping wrote:
With SP1 MD5 support for wireless connections is
gone.That's why we want to use MSCCHAPv2 but we think
that Freeradius does not support MSCHAPv2 with EAP. Is
that true? Are there any plans to implement
MSCHAPv2/EAP?
I think
On Fri, Mar 28, 2003 at 11:51:36AM +0300, 3APA3A wrote:
--Thursday, March 27, 2003, 2:39:42 PM, you wrote to [EMAIL PROTECTED]:
AD Try the latest CVS snapshot. I've re-written rlm_mschap to be
AD smaller, simpler, and to have significantly more debug messages.
AD It won't look at
On Fri, Mar 28, 2003 at 06:34:31AM -0500, Alan DeKok wrote:
Frank Cusack [EMAIL PROTECTED]wrote:
On Fri, Mar 28, 2003 at 11:51:36AM +0300, 3APA3A wrote:
/etc/smbpasswd is really not required and was only for compatibility
(anyway it should be noted in Release Notes for peoples
On Tue, Feb 11, 2003 at 03:30:09PM -0500, JR Mayberry wrote:
I'd like to have radius auth be required unless radius is down... I've
been reading and apparently this can be done with PAM_IGNORE. At least on
Solaris I've read that PAM_IGNORE will ignore regardless of required,
sufficient,
On Wed, Feb 12, 2003 at 05:01:02AM -0500, Alan DeKok wrote:
Frank Keeney [EMAIL PROTECTED] wrote:
Problem number two appears to be the Linux platform we used. MS-CHAP will
not work under any condition on our Alpha CPU platforms running
Debian. Our Intel Debian platforms MS-CHAP works fine.
On Wed, Feb 12, 2003 at 10:00:10PM +0100, Daniele Brevi wrote:
Hi at all,
thanks at all for the previous question.
I have read in RFC 3078 that the MPPE key can be changed frequently
MPPE session keys are changed frequently; the exact frequency depends
upon the options negotiated, but may
On Tue, Feb 04, 2003 at 05:31:37AM +0300, Peter V. Saveliev wrote:
RT001-005 uses radius for all aaa: author., authent. and acc.
No it doesn't. No version of IOS supports RADIUS accounting. Please
bring this up with your Cisco sales rep. (It would be really easy
for them to support this.)
On Wed, Jan 29, 2003 at 06:35:05PM -0600, Ryan Beisner wrote:
Is there any way to allow CHAP authentication to LINUX SYSTEM accounts
(via passwd, shadow, etc) ??
No.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
On Fri, Jan 24, 2003 at 05:30:23PM -0500, TRUCKS, JESSE (SBCSI) wrote:
Is anyone else using the 1.3.15 version of the module? If so, did it
compile out of the box?
Works for me on RHL 6.2. I don't see how Solaris would be different
in any regard.
/fc
-
List info/subscribe/unsubscribe? See
No idea what the problem was. You didn't quote the original message.
/fc
On Tue, Jan 07, 2003 at 09:46:27AM +0800, Brian Leung wrote:
hi all,
i think the problem may be caused by the fact that the freeradius can't
find the ssl library but i already tried to compile the ssl lib in
On Tue, Dec 24, 2002 at 09:35:02AM -, Scott Bartlett wrote:
In FR 0.8, the file /docs/aaa.txt describes 'authorization' and
'authentication' from FreeRadius' point of view and process.
[...]
My reading of /docs/aaa.txt - which is very FreeRadius specific and
detailed - gives me the
On Tue, Dec 24, 2002 at 09:46:31AM +, Simon White wrote:
It's just more complex than your average model of just authenticate then
authorize...
That's being generous. It's not that it's more complex really, it's that
FR is commingling authorize and authenticate, in large part due to certain
On Tue, Dec 24, 2002 at 10:03:45AM -0500, Alan DeKok wrote:
Scott Bartlett [EMAIL PROTECTED] wrote:
Indeed, to pick a definition out of the air,
http://www.ietf.org/internet-drafts/draft-ietf-aaa-transport-10.txt
defines these words thus:
Authentication
The act of
On Thu, Nov 21, 2002 at 09:03:18AM +, Karl Pielorz wrote:
I've got tcpdump's here - I'm not sure (because of the way the secrets
work) that you can do anything with them, other than tell whether or not
the packet was signed with the one you have
Which, luck has it, is enough to debug
On Wed, Nov 13, 2002 at 10:11:45AM +, Simon White wrote:
speed things up right now I'd appreciate if anyone has a script handy
that can generate accounting packets for me.
radclient is part of freeradius and can generate accounting packets.
/fc
-
List info/subscribe/unsubscribe? See
On Mon, Oct 28, 2002 at 03:35:34PM +1100, Paul Hampson wrote:
(Crossposted to freeradius-users due to severity of problem and
triviality of fix)
This should stop FreeRadius from taking all the processes
is can reach with it, while still allowing it to exit cleanly.
(If the commented out
On Fri, Oct 25, 2002 at 12:27:44PM +0200, Giuliano Zorzi wrote:
On Fri, 2002-10-25 at 12:22, Frank Cusack wrote:
On Fri, Oct 25, 2002 at 11:39:37AM +0200, Giuliano Zorzi wrote:
Hi,
I'd like to know what freeradius does when a nas with connected users
goes down (like for connection
On Fri, Oct 25, 2002 at 12:55:28PM -0700, Shri Lohia wrote:
Folks,
I am using Cistron Radius 1.6 6-2. Does it support EAP-TLS ?
My application is WALN.
Where can I find the complete list of features of this release.
In the docs that come with it. This is not the Cistron Radius mailing
On Wed, Oct 16, 2002 at 02:32:52PM +0300, Kostas Kalevras wrote:
rlm_checkval will also log failure messages if the CLID for a user does not
match the configured one. It will only do the check if you have configured an
allowed CLID in ldap for that user and a CLID is included in the incoming
On Tue, Oct 01, 2002 at 08:48:39PM -0400, Dan Monjar wrote:
the users. The odd thing is the users that fail all have a username that
begins with S, C, or P. No other users fail and all of the users with [SCP]
as the first char fail. Running the server with '-xxyz -l stdout' and
trying 10
The Changelog is frequently updated that way. 0.8 is not yet released.
On Sat, Sep 21, 2002 at 12:37:37AM -0500, Nick Marino wrote:
Anyone see version 0.8 released anywhere.
according to this link it was released on 8-22 and shows the complete
changelog for it..
On Sat, Sep 21, 2002 at 04:18:50PM -0400, tywe wrote:
Can someone let me know the easiest way to allow one user with 2
different passwords?
This isn't possible.
/fc
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
On Wed, Sep 18, 2002 at 04:05:58AM +0100, [EMAIL PROTECTED] wrote:
I recently installed freeradius 0.7.1 on freebsd4.6 and authentication is
working just fine. But accounting only works on Foundry and not Cisco. I'm
not sure if anyone has experienced this in the pass. Any help is
appreciated.
On Wed, Sep 18, 2002 at 05:35:52AM +0100, [EMAIL PROTECTED] wrote:
If someone logs in to a router and issue a command, this is recorded in a
file. I currently use IOS 12.2 The following commands are configured on the
Cisco router.
So, as I said, this is not supported on Cisco w/ RADIUS.
On Tue, Sep 17, 2002 at 10:03:42PM -0700, Frank Cusack wrote:
So, as I said, this is not supported on Cisco w/ RADIUS. Look at the
Cisco docs, it says this explicitly.
( cco-ios-12.2-security-aaa-accounting-command accounting ... I think)
http://www.cisco.com/univercd/cc/td/doc/product
On Tue, Sep 17, 2002 at 10:33:30AM +0800, Nicholas Sim wrote:
If it is using CHAP, how do I change it so that I can get the password
attribute be visible?
If it is using CHAP, you can't. You have to disable CHAP on your NAS.
/fc
-
List info/subscribe/unsubscribe? See
On Wed, Sep 11, 2002 at 12:21:55AM +1000, Brett Maxfield wrote:
Hello,
I am looking for a copy of radkill or something similar. I have read the
FAQ and the site listed does not work (the name resolves, but there is
no route to host)
What i would like is to have a daemon periodically
On Wed, Sep 11, 2002 at 07:59:26AM +1000, Brett Maxfield wrote:
I think that you are right, insofar as having re-authentication as part
of the radius server itself would be a very bad idea. From a design
point of view it should be a completely seperate server, but for the
sake of
On Tue, Sep 10, 2002 at 03:50:16PM -0700, Frank Cusack wrote:
The only feasible way to implement this (as far as I can see) is if you
are talking about PPP users that do CHAP. Create a VSA which is a
re-authorise timer. It would be 20-40 or so of additional code in pppd
and no additional
On Tue, Sep 03, 2002 at 10:11:54AM -0400, Alan DeKok wrote:
Sheldon Fougere [EMAIL PROTECTED] wrote:
I know the Session-Time out attribute will force the NAS to disconnect a
user after that period of specified time if the user is still connected.
Is there an equivalent attribute for
or other documentation on how to create VSA's?
Thanks,
Sheldon
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Frank
Cusack
Sent: Tuesday, September 03, 2002 7:37 PM
To: [EMAIL PROTECTED]
Subject: Re: Session Limits
On Tue, Sep 03, 2002 at 10
On Tue, Aug 13, 2002 at 01:41:06PM +0200, Justin Schoeman wrote:
if (inst-config-authenticate_query){ ...
but in the config parsing a default of (empty string) is specified,
so even if the config string is commented out, it still tries to
authenticate. Changing this to:
On Fri, Aug 09, 2002 at 10:00:58AM +0100, [EMAIL PROTECTED] wrote:
1) Does freeradius write it's PID anywhere?
Yes, to pidfile. This is defined in radiusd.conf.
2) What signals does freeradius accept?
SIGHUP reloads the config.
/fc
-
List info/subscribe/unsubscribe? See
On Sat, Aug 03, 2002 at 10:56:15AM +0600, Mojahedul Hoque Abul Hasanat wrote:
On Thu, Aug 01, 2002 at 10:49:17PM +0600, Dr. Muhammad Masroor Ali wrote:
After some grueling days and kind advice from fellow netizens,
mod_radius_auth does perfect authentication for squid
(2.4.STABLE1) in my
line for pam_radius_auth. That will tell
you definitively if the session module is being used.
Frank Cusack wrote:
Use the PAM session module to have pam_radius_auth generate radius
accounting records. I don't know that this will be useful for squid;
you'll have tons of start/stop records
On Sat, Aug 03, 2002 at 04:47:00AM -0700, Frank Cusack wrote:
'nm squid | grep pam_session_' output would be good to see. If it has
no reference to the start/stop functions, you know squid isn't using them.
Or squid might have been stripped, in which case 'nm' won't tell you
anything. Just
On Fri, Aug 02, 2002 at 02:14:38PM +0800, CheongMeng wrote:
Hi,
found a small bug, which cause segmentation fault, when sql socket not
found for mysql.
Thanks. I've applied something based on your patch.
/fc
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
time restrictions.
END
Greetings,
I have tried both the kind suggestions of Alan DeKok and Frank Cusack
without any avail. First of all, the latest version from CVS, did
improve the situation. And second, putting daemon.debug in syslog.conf
is not generating anything. The relevant
should for the most part be easily ported (as, obviously,
they are ... there's lots of software for OS X).
/fc
Lasse
-Original Message-
From: Frank Cusack [mailto:[EMAIL PROTECTED]]
Sent: 30 July 2002 15:11
To: [EMAIL PROTECTED]
Subject: Re: Binaries for Mac OS X
I'm not sure
On Wed, Jul 31, 2002 at 11:02:19PM +1000, Matthew Wallis wrote:
That being said, I never seemed to get FreeRadius to work on the box
I had access to, I can't remember now what the problem was, tho I'm sure
my posts are in the archives, if you can make sense of them. I believe
I thought the
On Tue, Jul 30, 2002 at 06:41:56PM +0600, Dr. Muhammad Masroor Ali wrote:
My squid file in pam.d (as was suggested in INSTALL)
auth required /lib/security/pam_securetty.so
auth sufficient /lib/security/pam_radius_auth.so debug
auth required
reference.
http://developer.apple.com/darwin/
Jerry
On Monday, July 29, 2002, at 07:48 PM, Frank Cusack wrote:
It is not.
/fc
On Mon, Jul 29, 2002 at 11:25:38AM -0400, Jason Lixfeld wrote:
If I'm not mistaken, the *NIX OS X kernel is a FreeBSD variant, is it
not? Anything
Another radiusd is already running.
On Tue, Jul 30, 2002 at 07:36:06PM +0530, Krishna wrote:
Hi,
When I run radius it gives this error
auth bind : Address is already in use.
What could be the reason?
regards
Krishna
Krishna Shekhar
Network Administrator
Wiplash Wireless
It is not.
/fc
On Mon, Jul 29, 2002 at 11:25:38AM -0400, Jason Lixfeld wrote:
If I'm not mistaken, the *NIX OS X kernel is a FreeBSD variant, is it
not? Anything you can compile for FreeBSD would work on OS X?
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL
After 0.7 I'll work on a common lib for mppe key generation. 3 modules
now duplicate this code.
/fc
On Fri, Jul 26, 2002 at 02:49:47PM -0400, Alan DeKok wrote:
Lars Viklund [EMAIL PROTECTED] wrote a while ago:
Attached is a patch that adds generation of MS-MPPE-{Send,Recv}-Key
attributes
On Sat, Jul 27, 2002 at 07:02:13PM -0500, Kent Stanford wrote:
Hey, would you or anyone happen to know where I could get a RPM of
freeRadius?
radiusd/redhat/freeradius.spec is very close to what you need. It was
last updated for 0.6. 0.7 is different enough that it's no longer
correct but I
On Wed, Jul 24, 2002 at 02:10:21PM +0500, [EMAIL PROTECTED] wrote:
Problem was in function sql_query: function sql_check_error must be called
with mysql_errno as argument, but was with return value of mysql_query, which
return -1 if query just failed.
attached patch should correct descibed
On Wed, Jul 17, 2002 at 09:18:33AM -0500, Michael Hare wrote:
Anyone have suggestions on how to authenticate against files on a remote
system? Is it even possible?
Scenario:
1. Users have account on machine A.
2. Radius server runs on machine B.
3. It'd be convenient to leverage
On Wed, Jul 10, 2002 at 10:23:34AM +0200, Wim wrote:
Hello,
I'm trying to compile freeradius 0.6 with pam support.
I looked in /doc for the options and I couldn't find anything that could
help me...
I guess i have to run:
./configure --with-static-modules=pam
On Sat, Jul 06, 2002 at 11:02:02AM -0600, Spike Ilacqua wrote:
The remaining problems all relate to rlm_x99_token:
It can't find the SSL include files so added
-I/usr/local/ssl/include to src/modules/rules.mak
x99.h includes inttypes.h, which BSDI 4.2 does not have, commented it out.
On Sun, Jul 07, 2002 at 10:42:13AM +, Michael Bailey wrote:
On Sat, Jul 06, 2002 at 11:02:02AM -0600, Spike Ilacqua wrote:
The remaining problems all relate to rlm_x99_token:
It can't find the SSL include files so added
-I/usr/local/ssl/include to src/modules/rules.mak
I also
On Wed, Jul 10, 2002 at 12:25:09PM -0600, Spike Ilacqua wrote:
I've added a test to configure that should avoid compiling x99_token
if inttypes.h isn't found. Please let me know if it works for you.
I'll give this a try, but as far as I can tell all inttypes.h is
needed for is the
On Wed, Jul 10, 2002 at 01:43:51PM -0600, Spike Ilacqua wrote:
That's true, but if you lack inttypes.h you lack other C99 features and
I don't want to worry about it.
Call me crazy but if a module compiles now I don't think it should be
exclude it because there *might* be a future
On Mon, Jul 08, 2002 at 02:43:30PM -0700, Raghu wrote:
EAP documentation is added to the cvs (doc/eap).
Any Suggestions and feedback are welcome.
Outstanding.
/fc
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
I'll get rlm_x99_token fixed tomorrow, by disabling it for non-C99 systems.
I'll also have it be smarter about openssl's location.
/fc
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
On Wed, Jul 03, 2002 at 10:50:58AM -0400, Alan DeKok wrote:
FreeRADIUS 0.6.0 has just been released.
Hats off to Alan and the other contributors!
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
On Wed, Jun 26, 2002 at 04:57:27PM -0700, Florin Andrei wrote:
I attached the patch that makes pam_radius work on SGI Irix.
Thanks! I've changed it slightly and committed it.
/fc
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
On Wed, Jun 26, 2002 at 09:59:16PM -0700, Dave wrote:
I think the problem is that the new radiusd is using the 0.5 rlm
libsooops!
The new radiusd won't load older modules. I'd like to see
'strace -e open radiusd -X' if you don't mind. Please send just to me.
/fc
-
List
On Thu, Jun 27, 2002 at 01:51:27PM -0700, Lance Uyehara wrote:
A client of mine wants to use radius with an ldap backend where the
passwords are stored sha hashed.
I see in the freeradius faq there is some mention of using PAP passwords,
but when I look at the radius rfc 2138, I don't
On Thu, Jun 27, 2002 at 03:28:01PM -0700, Lance Uyehara wrote:
PAP is what happens between the user and the NAS, not what happens between
the NAS and the RADIUS server. With PAP, the RADIUS server gets the
password as plaintext (protected on the wire with md5 encryption) and
hashes it,
On Wed, Jun 26, 2002 at 05:31:35PM -0300, Alexandre Strube wrote:
Ok, but my doubt is: how can radius correctly check that a hash corresponds
to the password without knowing what salt was used to generate that hash?
It does know the salt. In the crypt entry
On Sat, Jun 22, 2002 at 08:30:39PM -0400, Hayden Myers wrote:
This may be offtopic and sound stupid but it's radius related. No matter
Not really.
what I try I can't get our AP's to send requests to a freeradius server.
Nothing seems to reach the freeradius server when monitoring with debug
On Tue, Jun 11, 2002 at 03:18:41PM +0400, rust wrote:
Hello Frank,
I have working pptpd + freeradius snapshot 2002-05-22
After installing latest rlm_mschap from 10-06-2002 with your patches i
got errors
I don't have patches for rlm_mschap, so I'm not sure what you're referring
to.
Module loading should be fixed now in CVS.
I'm not sure if it works correctly with static archives, please send email
to the -devel list if you're having problems.
/fc
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi,
Is anyone using a win2k RRAS (pptp) server? Can you verify that when
failing over to a backup RADIUS server it sends TWO authentication
requests to the backup?
This breaks my setup. If you know of a fix please send it along.
Thanks
/fc
-
List info/subscribe/unsubscribe? See
Finaly got the actual snapshot running but now I got the following error =
message:
Assertion failed in radiusd.c, line 2540
In the cvs version I have, I see no assertion at line 2540.
revs 1.247 and 1.248 have such an assertion. Anyone having this
problem I suggest you update
On Fri, Jun 07, 2002 at 12:10:00PM +0200, Thomas Jalsovsky wrote:
cp /usr/src/freeradius-snapshot/src/modules/rlm_unix/rlm_unix.la
/usr/local/lib/rlm_unix-0.6.la
That worked for me.
That worked for me, too. When will this problem solved in the CVS?
This weekend. The problem is
On Tue, Jun 04, 2002 at 01:47:09PM +0200, Stefan Immel wrote:
Failed to link to module 'rlm_unix-0.6': file not found
every time I try to start the radius deamon from the newest snapshot I get this
error message.
a ls in /usr/local/lib shows the following:
rlm_unix-0.6.so rlm_unix.la
On Mon, Jun 03, 2002 at 10:21:37AM +0200, Stephan Viljoen wrote:
Hi , I was wondering if it's posible to log your accounting info to a
different server to the one that's containing all the logon info. I'm
using freeradius .5 with Mysql.
That depends on your NAS. Most do support a separate
On Fri, May 31, 2002 at 02:50:02PM -0400, Alan DeKok wrote:
And for some reason, the people at Merit got their name on the
RFC's, despite having probably the worst RADIUS server implementation
I've seen *anywhere*.
Writing a protocol specification is not even close to the same thing
as
On Thu, May 30, 2002 at 02:14:54PM -0500, Nick Davis wrote:
[ unknown author ]:
On a side note, it seem that you should use Password, and not
Crypt-Password with all three PAP encryption schemes, unlike with the
local auth-type.
One more question.. I thought it was recommended that we
On Thu, May 23, 2002 at 11:26:39PM -0400, Aamer Akhter wrote:
thanks frank,
i think i've got it working with this config:
^^^
oh. Well nevermind my earlier response about null password. :-)
/fc
-
List info/subscribe/unsubscribe? See
. Your PAM setup is allowing all users.
What does your PAM config look like? Note that freeradius is using PAM
service name 'radiusd' (from the logs). If you don't have rules for that
service, PAM will use the rules for service 'other'.
/fc
- Original Message -
From: Frank Cusack
session required /lib/security/pam_unix.so
- Original Message -
From: Frank Cusack [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Thursday, May 23, 2002 11:12 PM
Subject: Re: radiusd allows users with any password
On Thu, May 23, 2002 at 08:48:41PM -0400, Aamer Akhter wrote
On Fri, Apr 12, 2002 at 09:27:06PM -0500, Carlos Vicente Altamirano wrote:
hello,
I want to install a AAA server so the main that i want is to have the
control what each user do in routers, which commands entered, which
command did. Is it possible either tacplus or radius ? Is it possible
On Sat, Apr 06, 2002 at 02:41:34AM +0500, Asif Khan wrote:
Hi
i want to make an Radius server in Red Hat Linux 7.2.so therefore, i need a
complete docs.becoz this will be my ist time to work on radius server.
ur prompt reply will be appreciable.
Complete docs come with the server.
On Tue, Apr 02, 2002 at 04:43:43PM -0600, McNutt, Justin M. wrote:
Okay, so the way that Microsoft's RADIUS server gets away with this is due to the
fact that in a Microsoft domain, user names and passwords are not stored using strong
(one-way) encryption. You can decrypt the password file.
On Tue, Apr 02, 2002 at 05:53:28PM -0600, McNutt, Justin M. wrote:
The problem I have with all of this is the fact that the actual passwords can be
deduced using the cleartext equivalent that MS stores. This is a huge weakness in
NT/2K-based authentication that I was hoping to get around
On Mon, Mar 25, 2002 at 12:22:54PM -0500, Alan DeKok wrote:
Chad Miller [EMAIL PROTECTED] wrote:
...
The information in this electronic mail message is private and
confidential, and only intended for the addressee. Should you
receive this message by mistake, you are hereby notified
On Fri, Mar 22, 2002 at 03:44:45PM +0800, ¼BªF®¶ wrote:
Hello,
I have set up a radius server, and it works correctly.
But I have a question: Is radclient a real radius clinet software?
Or just a simulator for testing the radius server.
If it is a simulator, can
On Fri, Mar 22, 2002 at 05:48:57PM -0500, Randy Moore wrote:
At 03:49 PM 3/22/2002 -0500, you wrote:
Can someone provide example of using radclient to verify CHAP works?
This should all be one one line:
echo User-Name = \bob\, CHAP-Password = \bobspassword\ | radclient
myradserver
I think he means, how does one configure RADIUS to respond to 802.11
access point requests for MAC authorization. I think you need to
configure EAP to do this.
/fc
On Wed, Mar 20, 2002 at 11:45:59AM +0300, 3APA3A wrote:
Dear wallace,
It's not RADIUS question.
RTFM: man arp
On Mon, Mar 18, 2002 at 11:46:40PM -0500, Todd R. Stroup wrote:
Is there a way to get NIS to work with FreeRadius?
Use rlm_unix. Don't specify a password file in the config. It should
then use the system facilities, which means if you have nis listed in
your /etc/nsswitch.conf that will be
On Sun, Mar 17, 2002 at 06:24:47PM -0600, D. Duccini wrote:
in radtest
This line
echo Password = \$2\
changed to
echo User-Password = \$2\
which does not appear to work in the new radclient
changing it back allows it to work
You did not update the
On Fri, Mar 15, 2002 at 12:45:00AM -0800, Judhi Prasetyo wrote:
# /usr/local/sbin/radiusd
radiusd: Starting - reading configuration files ...
radiusd: Errors reading dictionary: dict_init:
/usr/local/etc/raddb/dictionary[34]: Couldn't open
dictionary subdicts/dict.vendors: No such file or
On Fri, Mar 15, 2002 at 06:34:38PM +0530, Anchal Arora wrote:
When I send it an authentication request for username having the letter
P in the front it strips the first letter P from the name and sends
the request to the actual radius server.
If you searched the mailing list (via google) you
1 - 100 of 132 matches
Mail list logo