Kolbjørn Barmen wrote: > Can rlm_passwd be used together with EAP-MD5? Yes. Only if the password is in clear-text.
> If I in the users file set "Password == blabla" for a user test-user > and then connects using radeapclient as described in the manual with > "EAP-MD5-Password = blabla" it works fine. However, I want to use an > external clear-text password instead of having the password in users, > since I want to change the password for each and every test, and do > not want to HUP radiusd all the time. I'm not sure that will work. > On the same server I use rlm_passwd already for authenticate certain > clients against a TACACS passwd file, and for those clients I have in > users file entires like this: > > DEFAULT Auth-Type := PAP, Client-IP-Address == "w.x.y.z" > > which (if I have grasped things right) enforces those to use PAP, In 1.1.7, you don't need that Auth-Type. > With the above I get in the log: > > Info: rlm_eap_md5: User-Password is required for EAP-MD5 authentication Ugh. It works in 1.1.7. Which version are you running? > As for "Why EAP-MD5?", I just need some EAP-method for which > I can easily generate requests with radeapclient. See also wpa_supplicant and eapol_test. I use it to test all of the EAP types... Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
