On 11/19/2009 01:43 PM, Andy Theuninck wrote:
I'm trying to set up freeradius to handle WPA authentication on my network. I've managed to get the AP& radius servers talking to one another and the SSL certificates loaded and configured, but I can't figure out how to get the username& passwords checked against the local /etc/shadow file. Free radius version is 1.1.3, latest binary provided by my version of CentOS.
You can get current 2.x versions, read this: http://wiki.freeradius.org/Red_Hat_FAQ The client attempting to connect is
Mac OS X 10.4. In a perfect world, I'd like to support both OS X and Windows XP with names& passwords checked against /etc/shadow. I could probably add an openldap server to function as a go-between if that would make the configuration easier. Ideally, I'm looking for an pointers what I'm doing wrong OR an indication that what I'm trying to pull off is impossible. Output and config files follow. Notably, to me at least, is that the "users" line noted in the eap match, 152, is "DEFAULT Auth-Type = System", but rlm_unix is never even attempted.
Yes, what you're trying to do is impossible. Unix/Shadow passwords are stored using the "crypt" hash. You're trying to do 802.1x, e.g. EAP
Knowing that then read this: http://deployingradius.com/documents/protocols/compatibility.html -- John Dennis <jden...@redhat.com> Looking to carve out IT costs? www.redhat.com/carveoutcosts/ - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html