Ralf Paffrath <[EMAIL PROTECTED]> wrote: > I'm running a snapshot version of freeradius with EAP/TTLS for authN. > My supplicant is SecureW2. Everything works fine as long as I put in the > plaintext user-password in "users" configuration file and didn' set > Auth-Type, e.g. username User-Password == "blabla".
Ok... > I absolutely don't like plaintext passwords in some files so I tried > freeradius out to use /etc/shadow but with no success. Plain-text passwords aren't much of a problem from a security perspective. They also allow you to do CHAP authentication, which is impossible with /etc/passwd. > Auth-Type := EAP doesn't work: > ... > auth: type "EAP" > modcall: entering group authenticate for request 5 > rlm_eap: EAP-Message not found Exactly. Don't set "Auth-Type := EAP". EVER. > Any idea? Set Auth-Type to System for the tunneled user, and read the debugging output of the server. I note that you did NOT post that debugging output, which is the ONLY relevant thing here. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
