No, we didn't use FreeRadius until we installed FreeRadius 0.9.1 about 2
weeks ago. I upgraded to 0.9.2 today. We installed FreeRadius on a brand new
RedHat 9.0 server that was just just built. We tested our backup Radius
server by moving all the Portmaster's primary auth to it and it did the same
thing.
One out of of about 200 or 300 authentications result in "incorrect
password" in the radius.log file when the password is actually correct. The
radius.log file records the username and password that the customer used.
The customer will re-enter that same password during the same login process
and it will then work properly.
And, at times FreeRadius will reject a customer's login because it says
the shell incorrect. The incorrect login entry in radius.log will say the
shell is "/home/username:/bin/false" <-- literally. Notice this is NOT the
shell and at times I've seen this happen when it's not even the information
for the correct username. This is something that makes me think it's using
the password file.
We've checked items running in cron to see if they could be conflicting
somehow and haven't found anything. I noticed there are some notes on the
FreeRadius homepage from 19 September about the Pam module and RedHat 9.
Problem is, we have the Pam stuff disabled in Radius.
Bill
----- Original Message -----
From: Alan DeKok
To: [EMAIL PROTECTED]
Sent: Thursday, October 16, 2003 3:28 PM
Subject: Re: 0.9.1 and bad logins
"Bill" <[EMAIL PROTECTED]> wrote:
> No, the caching is turned off. We actually thought about turning it
on
> to see if that would have any affect on this problem.
Then are you *sure* you're using the latest version of rlm_unix, and
not an older one? There may be threading issues with older ones, if
you've installed 0.9.1 over top of an older version of the server.
Alan DeKok.
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
