Dear steve, In order to use CHAP you have to store cleartext password. If you use SYSTEM authentication you have to use PAP instead.
--Thursday, October 3, 2002, 1:01:20 PM, you wrote to [EMAIL PROTECTED]: s> Help?!? s> OK, Im a newbie to Freeradius. I've had some experience with Meritt in the s> past. s> I recently installed Freeradius on my Redhat 7.x system, and have an ascend s> access s> server. My clients file is setup correctly, and I've peeled back the users s> file to a very minimal config (attached below) But whever I try to s> autheticate through the terminal server, I get the message back "Cannot Use s> CHAP-Password." (See below for debug) s> I've been playing 'round with this for a few days, & can't seem to hack my s> way out of it. I've also scanned through the archives on the list here, to s> no avail. Can anyone offer some help? s> Thanks in advance. s> Steve s> =============DEBUG============ s> # First setup all accounts to be checked against the UNIX /etc/passwd. s> # (Unless a password was already given earlier in this file). s> # s> DEFAULT Auth-Type := System s> Fall-Through = 1 s> DEFAULT Service-Type == Framed-User s> Framed-IP-Address = 255.255.255.254, s> Framed-MTU = 576, s> Service-Type = Framed-User, s> Fall-Through = Yes s> # Default for PPP: dynamic IP address, PPP mode, VJ-compression. s> # s> DEFAULT Framed-Protocol == PPP s> Framed-Protocol = PPP, s> Framed-Compression = Van-Jacobson-TCP-IP s> [root@one raddb]# s> rad_recv: Access-Request packet from host 144.130.4.5:3649, id=12, s> length=109 s> Thread 1 assigned request 0 s> --- Walking the entire request list --- s> Threads: total/active/spare threads = 5/1/4 s> Nothing to do. Sleeping until we see a request. s> Thread 1 handling request 0, (1 handled so far) s> User-Name = "steve" s> CHAP-Password = 0x016700b40e4c5dbd78ee8efc3bae02e9c3 s> NAS-Port-Type = Async s> Calling-Station-Id = "755270XXX" s> Called-Station-Id = "0198308066" s> X-Ascend-Data-Rate = 31200 s> X-Ascend-Xmit-Rate = 50667 s> NAS-IP-Address = 144.130.4.5 s> Acct-Session-Id = "589[]388695891" s> modcall: entering group authorize s> modcall[authorize]: module "preprocess" returns ok s> rlm_realm: Looking up realm NULL for User-Name = "steve" s> rlm_realm: No such realm NULL s> modcall[authorize]: module "suffix" returns noop s> users: Matched DEFAULT at 57 s> modcall[authorize]: module "files" returns ok s> modcall[authorize]: module "mschap" returns notfound s> modcall: group authorize returns ok s> rad_check_password: Found Auth-Type System s> auth: type "System" s> modcall: entering group authenticate s> rlm_unix: Attribute "User-Password" is required for authentication. Cannot s> use s> "CHAP-Password". s> modcall[authenticate]: module "unix" returns invalid s> modcall: group authenticate returns invalid s> auth: Failed to validate the user. s> Delaying request 0 for 1 seconds s> Finished request 0 s> Going to the next request s> Thread 1 waiting to be assigned a request s> rad_recv: Access-Request packet from host 144.130.4.5:3649, id=12, s> length=109 s> Sending Access-Reject of id 12 to 144.130.4.5:3649 s> --- Walking the entire request list --- s> Threads: total/active/spare threads = 5/0/5 s> Waking up in 2 seconds... s> --- Walking the entire request list --- s> Cleaning up request 0 ID 12 with timestamp 3d9c057d s> Nothing to do. Sleeping until we see a request. s> - s> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- ~/ZARAZA ������������� ���� ����� ������� ��� ������������ ���������. (���) - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
