On Mon, Nov 18, 2002 at 10:14:31AM -0500, Alan DeKok wrote: > Thomas Linden <[EMAIL PROTECTED]> wrote: > > In the meantime I found another solution: > > I configured the passwd file in radiusd to be /etc/master.passwd, > > chowned /etc/master.passwd to daemon (+ chmod 600) and run > > radiusd as daemon. This works well. From the security point of > > view this is no problem, since the radius daemon runs inside > > a chroot anyway. > > Or, you could have read the configuration file entry where the > 'passwd' and 'shadow' files are set. The comments there tell you > what to do on FreeBSD. (At least in 0.7 and later, if you're running > an earlier version, well, enough said.) As I said in some earlier posting: I am using FreeBSD (4.7), which uses by default MD5-hashed passwords, which FreeRadius does not support. So, that's nothing to do with configuration of freeradius. But you could be nice to FreeBSD users coming after me and telling them, what to do if they want to use Auth-Type=System:
1. either turn usage of MD5 off (/etc/auth.conf+/etc/login.conf) 2. or use DES (crypt(3)) encrypted passwords for Radius users 3. use "/etc/master.passwd" as "passwd" in radiusd.conf. OR: add MD5-Support to freeradius. It's time, we are in the 3rd year-thousand :-) > Some people complain that there aren't enough docs. Others don't > look at the docs which are there. I did not complain (if you meant me). But, let me complain now: It *was* not documented. The guys here on the list helped me, not the docs. Read them yourself and you'll see. > Is it any wonder I have a > reputation for getting frustrated at people? Well - configuring radius is a complicated task, that's why some people need help, which they get here (thanks again!), so why are you frustrated about this? kind regards and thanks again for the help, Tom -- Thomas Linden <[EMAIL PROTECTED]>, I Z B Informatik-Zentrum Muenchen-Frankfurt a.M. GmbH & Co.KG, Internet Service Providing OE532 Tel:089/2171-27998, Fax:089/2171-27995, http://www.izb.de - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
