At 08:00 PM 7/15/2009, you wrote:
> Hope you are referring to
> realm freescale.com {
> type = radius
> authhost = LOCAL
> accthost = LOCAL
>
> present in the radiusd.conf file. removed it. Restarted the freeradius
> server.
>
> The user file contains
> [email protected] Cleartext-Password := "navin123"
>
> Even then when tested with radtest tool , the users "navin" &
> "[email protected]"
> are both getting authenticated. I would prefer only
> [email protected] get authenticated
> and user "navin" should get rejected.
There is something else there then as well. Post the debug for navin. You
can probably safely disable suffix as well. But lets first see what is
stripping the username. There is nothing in the default configuration that
does that.
Navin wrote:
Thanks for suggesting the debug option. What probably happening was,
the users file by default is configured to look into unix password database
(/etc/passwd), And it so happens, that my machine has the same user and
userpasswd as the radius access request info.
Hence the login for "navin" as well as "[email protected]" was getting
authenticated.
users file snippet of unix password database:
#
# First setup all accounts to be checked against the UNIX /etc/passwd.
# (Unless a password was already given earlier in this file).
#
DEFAULT Auth-Type = System
Fall-Through = 1
The debug option helped to see that i was hitting the above lines
when i logged in as "navin".
Thanks.
have a nice day,
navin
Ivan Kalik
Kalik Informatika ISP
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
