It is the password that your NAS sends to your radius server. It is in text normally. It is only encrypted with the shared key when it travels over network.

Sergei Koveshnikov wrote:

Hello to everyone!
I'm trying to use MAX6000 + freeradius-1.0.0-pre3 + Postgres + pap + md5 encryption for users passwords in the DB. But I've got auth error:
=====
auth: Failed to validate the user.
Login incorrect (rlm_pap: Configured MD5 password has incorrect length): [testuser/password] =====
Why User-Password = 'plain text password' in 'rad_recv' log ?
Does radius decrypt password for debus purpouse before puts it on the screen?
Any ideas?
Thank you!


#### radiusd.conf:
modules {
       pap {
                encryption_scheme = md5
        }
}
authorize {
        auth_log
        files
        sql
}
authenticate {
        authtype MD5 {
                pap
        }
}

#### radiusd logs:
rad_recv: Access-Request packet from host 192.168.0.1:1026, id=145, length=173
User-Name = "testuser"
User-Password = "password"
NAS-IP-Address = 192.168.0.1
NAS-Port = 20214
NAS-Port-Type = Async
Service-Type = Framed-User
Framed-Protocol = PPP
Calling-Station-Id = "80482320000"
Ascend-Calling-Id-Type-Of-Num = Unknown
Ascend-Calling-Id-Number-Plan = Unknown
Ascend-Calling-Id-Presentatn = Allowed
Ascend-Calling-Id-Screening = Network-Provided
Acct-Session-Id = "429965508"
Ascend-Data-Rate = 31200
Ascend-Xmit-Rate = 33600
#### skip some lines... rlm_sql (sql): Released sql socket id: 3
modcall[authorize]: module "sql" returns ok for request 0
modcall: group authorize returns ok for request 0
rad_check_password: Found Auth-Type MD5
auth: type "MD5"
Processing the authenticate section of radiusd.conf
modcall: entering group authtype for request 0
rlm_pap: login attempt by "testuser" with password password
rlm_pap: Using password "$1$L8If2hAa$Oy91qkyF8lkWClyBi1I.u0" for user testuser authentication.
rlm_pap: Using MD5 encryption.
rlm_pap: Configured MD5 password has incorrect length
modcall[authenticate]: module "pap" returns reject for request 0
modcall: group authtype returns reject for request 0
auth: Failed to validate the user.
Login incorrect (rlm_pap: Configured MD5 password has incorrect length): [testuser/password] (from client max2 port 20214 cli 80482320000)
Delaying request 0 for 1 seconds
Finished request 0



- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Reply via email to