On Sat, 30 Oct 1999, Scott Adkins wrote:
[...]
> These messages occur when the user is using the Dial-Up Adapter from Win98.
> Select a dialup icon and do properties on it. Select the Server Types tab.
> Here, you are presented with a couple options, including "Require Encrypted
> Password". I have been trying to identify what exactly that option does
> and really haven't figured it out.
AFAIK, it disallows PAP authentication and requires (MS-)CHAP.
> If authentication occurs via CHAP, that option doesn't seem to do anything
> if it is checked or not. However, if authentication occurs via PAP and that
> option is checked, authentication fails and the above two log entries are
> entered. Also, the Access-Request packet includes no password information
> of any kind that I can tell.
I think that's all consistent with a caller that won't do PAP: they would
send a username and wait a CHAP-chalenge, IIRC.
[...]
> DEBUG: Called AuthSCOTT::findUser = sadkins
> WARNING: No CHAP-Password or User-Password in request: does your dictionary
> DEBUG: findUser: FAILURE! REASON=Invalid password
> INFO: Access rejected for sadkins@SCOTT: Invalid password
>
> Any thoughts on the subject will be quite welcome!
Does this user have a clear-text password available to Radiator?
remember that CHAP requires the availability of the clear-text password
(i.e. shared-secret) on both sides (whereas PAP requires that the caller
have the clear text password to present, but the called-side can verify
this clear-text against a stored encryption (same as unix passwd auth).
HTH,
Neale.
===
Archive at http://www.thesite.com.au/~radiator/
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
