thanks tim: yes, it is better but yet working correctly:
g...@giraffe:~:$ ssh [email protected] [email protected]'s password: Permission denied, please try again. [email protected]'s password: Permission denied, please try again. [email protected]'s password: Permission denied (publickey,password,keyboard-interactive). but trying local username "labrat" is working fine: g...@giraffe:~:$ ssh [email protected] [email protected]'s password: --- JUNOS 8.5R4.3 built 2008-08-12 23:16:55 UTC lab...@lab-r8> what is interesting here is that now i can see "Access-Accept" in the debugging messages of "radiusd -X": rad_recv: Access-Request packet from host 192.168.255.138 port 65003, id=3, length=57 User-Name = "bob" User-Password = "bob" NAS-Identifier = "lab-r8" NAS-IP-Address = 150.150.0.1 +- entering group authorize {...} ++[preprocess] returns ok ++[chap] returns noop ++[mschap] returns noop [suffix] No '@' in User-Name = "bob", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] returns noop [eap] No EAP-Message, not doing EAP ++[eap] returns noop ++[unix] returns notfound [files] users: Matched entry bob at line 1 ++[files] returns ok ++[expiration] returns noop ++[logintime] returns noop ++[pap] returns updated Found Auth-Type = PAP +- entering group PAP {...} [pap] login attempt with password "bob" [pap] Using clear text password "bob" [pap] User authenticated successfully ++[pap] returns ok +- entering group post-auth {...} ++[exec] returns noop Sending Access-Accept of id 3 to 192.168.255.138 port 65003 Juniper-Local-User-Name = "labrat" Finished request 4. Going to the next request Waking up in 4.9 seconds. rad_recv: Access-Request packet from host 192.168.255.138 port 65003, id=3, length=57 Sending duplicate reply to client r8 port 65003 - ID: 3 Sending Access-Accept of id 3 to 192.168.255.138 port 65003 Waking up in 1.9 seconds. Cleaning up request 4 ID 3 with timestamp +91 Ready to process requests. rad_recv: Access-Request packet from host 192.168.255.138 port 65003, id=3, length=57 User-Name = "bob" User-Password = "bob" NAS-Identifier = "lab-r8" NAS-IP-Address = 150.150.0.1 +- entering group authorize {...} ++[preprocess] returns ok ++[chap] returns noop ++[mschap] returns noop [suffix] No '@' in User-Name = "bob", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] returns noop [eap] No EAP-Message, not doing EAP ++[eap] returns noop ++[unix] returns notfound [files] users: Matched entry bob at line 1 ++[files] returns ok ++[expiration] returns noop ++[logintime] returns noop ++[pap] returns updated Found Auth-Type = PAP +- entering group PAP {...} [pap] login attempt with password "bob" [pap] Using clear text password "bob" [pap] User authenticated successfully ++[pap] returns ok +- entering group post-auth {...} ++[exec] returns noop Sending Access-Accept of id 3 to 192.168.255.138 port 65003 Juniper-Local-User-Name = "labrat" Finished request 5. Going to the next request Waking up in 4.9 seconds. Cleaning up request 5 ID 3 with timestamp +97 Ready to process requests. --- On Sun, 9/19/10, Tim Sylvester <[email protected]> wrote: > From: Tim Sylvester <[email protected]> > Subject: RE: still not working (newbie for radius) > To: "'FreeRadius users mailing list'" <[email protected]> > Date: Sunday, September 19, 2010, 5:52 PM > > well, i had tried other configuration for "users": > > bob Cleartext-Password = "bob" > Juniper-Local-User-Name = "labrat" > > labrat is local login user id so that all of radius users > will be mapped to > that user. unfortunately, it is also failed though with no > warning messages: > > > <tim> You are missing a : - try the following: > > bob Cleartext-Password := "bob" > Juniper-Local-User-Name = > "labrat" > > > > -----Inline Attachment Follows----- > > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
