On Wednesday 18 April 2007 16:39:27 Sebastian Firpo wrote: > Hi, I migrated a freeradius server from version 0.6 to 1.5. I'm using a > users file for authorize.
Wow, that's quite a leap. I assume from 0.6 to 1.1.5? > The server don't authorize and when a do a debug (radiusd -X) I saw the > User-password in clear text. If I modify the User-password in the users > file by the clear text one it works. > > Here are the debug and an entry of the users file: > > Listening on authentication *:1812 > Listening on accounting *:1813 > Ready to process requests. > rad_recv: Access-Request packet from host 10.12.4.2:1645, id=91, length=75 > NAS-IP-Address = 10.12.4.2 > NAS-Port = 1 > NAS-Port-Type = Virtual > User-Name = "sebas" > Calling-Station-Id = "10.11.1.25" > User-Password = "hello" > Processing the authorize section of radiusd.conf > modcall: entering group authorize for request 0 > modcall[authorize]: module "preprocess" returns ok for request 0 > users: Matched entry sebas at line 50 > modcall[authorize]: module "files" returns ok for request 0 > modcall: leaving group authorize (returns ok) for request 0 > rad_check_password: Found Auth-Type Local > auth: type Local > auth: user supplied User-Password does NOT match local User-Password > auth: Failed to validate the user. > Delaying request 0 for 1 seconds > > users file > > sebas Auth-Type := Local, Crypt-Password == "(!lGOOlHaBWoQ" > Service-Type = Administrative-User, > Cisco-AVPair = "shell:priv-lvl=15" > > Thanks very much!! Don't set Auth-Type, the server will figure it out. The operator for Crypt-Password should be changed to := as well. Kevin Bonner
pgpsPajLfZa7I.pgp
Description: PGP signature
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html