It would seem that the users file is limited to lines 256 characters.
This causes me a problem as I am trying to do an sql xlat and so need a
string 256 characters.
Is there any good reason not to bump up this limit?
-
List info/subscribe/unsubscribe? See
I have loaded Fr 0.8 and MySQL 11.18 dist
3.23.52 on a RedHat 8 box.
Fr works well with a flat file, but when I
try to config Fr to use MySQL as per SB's
very rough notes to FR MySQL I get the
following error.
rlm_sql (sql): Could not link driver
rlm_sql_mysql: file not found
rlm_sql (sql):
03-Dec-02 at 16:24, Maurizio Martinoli ([EMAIL PROTECTED]) wrote :
can anyone tell me how to add a user in freeradius?
thank you
There is no way you're going to get an answer to this kind of question.
RTFM.
--
|-Simon White, Internet Services Manager, Certified Check Point CCSA.
|-MTDS
yeah well there is example users file and if you are using sql then you
can try dialup_admin etc.
On Wed, 4 Dec 2002, Simon White wrote:
03-Dec-02 at 16:24, Maurizio Martinoli ([EMAIL PROTECTED]) wrote :
can anyone tell me how to add a user in freeradius?
thank you
There is no way
¾«Æ··þÎñÆ÷£¬°²È«¿É¿¿£¬±£Öʱ£Á¿£¬ÈÃÄúÓõ÷ÅÐÄ£¬ÆóÒµÉÏÍøÀíÏëÑ¡Ôñ
Öйú·þÎñÈ«ÇòרҵµÄÓòÃû×¢²áÌṩÉÌ£¬ÏÖÍƳöÖ÷»ú¡¢ÓòÃû×¢²áÓŻݷþÎñ£º
¡°ÌØ»Ý1+1ÆóÒµÉÏÍøÌײ͡±ÊÇÖйú·þÎñÆ÷ÍøÂçÓÐÏÞ¹«Ë¾ÎªÄúÍƳöµÄ³¬Öµ·þÎñ£¬
¡°ÏÈ·þÎñ£¬ºóÊÕ·Ñ£¡¡±ÄÚÈÝ°üÀ¨£º
100M asp cgi,php +ACCESS
Hi all,
Can the LDAP be used to authenticate a user whose username and password is
stored in /etc/passwd??
And can this authentication use EAP-MD5 ?
Regards
Sarick
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
04-Dec-02 at 19:12, Sarick ([EMAIL PROTECTED]) wrote :
Hi all,
Can the LDAP be used to authenticate a user whose username and password is
stored in /etc/passwd??
How is the LDAP server going to read the username in /etc/passwd?
Passwords are not stored in /etc/passwd, just usernames.
Hi Simon,
- Original Message -
From: Simon White [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Wednesday, December 04, 2002 7:23 PM
Subject: Re: Can LDAP be used to authenticate /etc/passwd ?
04-Dec-02 at 19:12, Sarick ([EMAIL PROTECTED]) wrote :
Hi all,
Can the LDAP be used to
04-Dec-02 at 20:23, jmc_cs ([EMAIL PROTECTED]) wrote :
Hi Simon,
- Original Message -
From: Simon White [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Wednesday, December 04, 2002 7:23 PM
Subject: Re: Can LDAP be used to authenticate /etc/passwd ?
04-Dec-02 at 19:12, Sarick
You can perhaps use some kind of script to transfer /etc/passwd and
/etc/shadow into LDAP and then use PAM to authenticate all your linux
users from LDAP database. Also when you add new users you can add to ldap
and create directories in linux (with a script perhaps).
This way you can get rid of
or actually if you can keep the /etc/passwd /etc/shadow syncronised with
LDAP that would also do the trick. Perhaps with a script you can convert
/etc/passwd /etc/shadow into LDAP or only the changed accounts etc. or
even syncronise the add/remove user functions both in LDAP and in system
files.
Hi everybody, i have a problem when i run radtest.
i do:
./radtest -d /usr/local/etc/raddb/ user password localhost:1812 1900
auth testing123
but i get
Access reject packet from host 127.0.0.1:1812
Reply-Message = Hello %u
The only problem i can see from the radiusd output is
rlm_chap: Could
Hi everybody, i have a problem with radtest and i can't find a solution to that, so
i'd be greatful if comeone could help me out.
I tried to do it myself for hours, i sat, thoight, and didn't solve anything, so i'm
here for someone that is nice to help me out.
First of all this is how i
I had to turn off Passive File Transfers in gFTP (under FTP/Options)
MV
On Tue, 2002-12-03 at 22:58, Allister Maguire wrote:
Hello,
We have finished the sql version of the ip module it can be downloaded
from here:
ftp://lopez.globe.net.nz/Linux/freeradius/rlm_sqlippool.tar.gz
Issues:
Does anyone have a code fragment to decrypt a chap
password? I need to take the password in plain text,
after pulling it from authreq-strvalue to a private
routine.
john
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Shut off all the useless stuff you have in your configuration and stick
to the bare bones configuration needed to authenticate your test user.
Once you have authenticated him properly, add the stuff back in that you
need, one module at a time and troubleshoot each one as required until
your
john babiarz [EMAIL PROTECTED] wrote:
Does anyone have a code fragment to decrypt a chap
password? I need to take the password in plain text,
after pulling it from authreq-strvalue to a private
routine.
Uh... read the source?
Alan DeKok.
-
List info/subscribe/unsubscribe? See
Kliment Toshkov [EMAIL PROTECTED] wrote:
Exec-Program-Wait should work...
Well, it works fine and passess AV pairs exactly as before.
Then I don't understand why the external check fails...
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Malcolm Caldwell [EMAIL PROTECTED] wrote:
It would seem that the users file is limited to lines 256 characters.
This causes me a problem as I am trying to do an sql xlat and so need a
string 256 characters.
Is there any good reason not to bump up this limit?
Nope. I'll bump it to 8192
jmc_cs [EMAIL PROTECTED] wrote:
yes. My question is, can I use LDAP to authenticate the users who having the
accounts on Linux , with EAP-MD5 authentication?
Your question makes no sense. LDAP is a database. It doesn't do
authentication.
That is, to read the usernames from /etc/passwd
Hello freeradius-users,
I have installed freeradius-0.7.1 on my FreeBSD 4.6.2 and set it
to authorize users via ldap and send accounting information to
mysql. Everything works fine, but radwho doesn't show, who is
logged in.
zeus# ps ax | grep radpppd
8371 p1 R+
Title: Re: Re: FreeRadius 0.8, Oracle 8.1.7. Improvement of performance
Novoselsky Alexander [EMAIL PROTECTED] wrote:
It seems to me, that it would be useful to have possibility to configure the number of SQL queries.
Because only to comment them is not enough.
Hmm... You're right.
Using: freeRadius 0.7.1
just a couple of trivial questions about radwho that i didn't see in the man
page.
is there any way (short of recompiling it) to change the width of some of the
columns? ('from' is getting trimmed to just 3 of the 4 parts of the ip
'10.123.45', and TTY is 999 on a
On Wed, 4 Dec 2002 11:18:40 -0600 Ray [EMAIL PROTECTED] wrote:
Using: freeRadius 0.7.1
just a couple of trivial questions about radwho that i didn't see in the
man
page.
is there any way (short of recompiling it) to change the width of some
of the
columns? ('from' is getting trimmed to
Using freeRadius 0.7.1
currently still just testing out the radius server, we have it getting live
accounting information, but no authentication. and while looking at the
radwho i noticed everything was from tuesday 4pm, and it wasn't updating even
though it was getting traffic for accounting
Thanks for reading this question.
I wants to setup a radiusserver with an LDAP server behind
it for its userid/password checking for installing 802.1x on my cisco wireless lan.
My question is: is freeradius 0.8+ supporting PEAP
Is it possible, and how do I need to configure it, to
On Wed, 2002-12-04 at 21:20, Freerk Bosscha wrote:
I wants to setup a radiusserver with an LDAP server behind it for its
userid/password checking for installing 802.1x on my cisco wireless
lan.
My question is: is freeradius 0.8+ supporting PEAP
No, not yet anyway.
Is it possible, and how
Alan Wong [EMAIL PROTECTED] wrote:
I need your advice regarding the password. I want to know how to set the
password to null after authentication.
Huh? Why would you want to do that?
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
I need your advice regarding the password. I want to know how to set the
password to null after authentication.
Huh? Why would you want to do that?
Because Im trying to set up a system where people can only use there
accounts only once.
Alan
-
List info/subscribe/unsubscribe? See
Why dont you search the accounting logs then delete the users which logged
in once with a script? Lets say every day? or you can actually change
their passwords too. Is it very crucial that they only logon once? or is
it ok if they can use the account for 1 day?
Evren
On Thu, 5 Dec 2002, Alan
Dear Evren,
Yes it is crucial that they can only logon once. This is the most important
factor and unfortunately cannot be changed. So I was thinking of trying to
change the code that will change their password to null once they have
authenicated but am finding great difficulty being a C
hi
evren: all that is useless - EAP-MD5 will need clear-text passwords.
/etc/passwd or shadow or whatsoever only stores a hash of it. it is not
going to work anyway.
a propos, sarick: the original question is a big strange mixture of
available incompatible techniques. you store your
I am little bit newbie to radius too. But in tacacs+ it would be possible
to run a shell script when a user logs on. It is possible to run a script
before authorization.
Also in freeradius faq it mentions about
o Exec-Program-Wait, allows you to set up an external program which
Dear Evren,
Thank you for your advice but I just read the readme file and it does
indicate that Exec-Program-Wait is to be used in the user file. We are
currently using a mysql database, so would it be possible to set it up in a
mysql db? If possible how because Im having lots of trouble setting
Hi:
I've been looking for dictionary files for 3GPP and CDMA-related VSAs.
I've searched over the web and at their sites and have been unable to find them.
Just wondering if these exist or if I need to piece them
together from their specs and submit a home-grown version.
Thanks for any info,
Trying to compile the rlm_dbm section of 0.8. When executing ./configure
while in the modules/rlm_dbm directory I get the following output. The
machine is FreeBSD version 4.6.2.
Thanks to anyone who can help.
creating cache ./config.cache
checking for gcc... gcc
checking whether the C
Hi,
Thanks all of the advice. Now I know what LDAP does. :-)
Basically, my ambition is to make a 802.1x EAP-MD5 authentication.
And the users info required for authentication (i.e., username and passwd)
can correspond to the accounts on my Linux server.
Therefore, I won't need to key in all of the
On Wed, 2002-12-04 at 13:26, Alan DeKok wrote:
Malcolm Caldwell [EMAIL PROTECTED] wrote:
It should return failed to do SQL query, which is semantically not
that different from unable to contact SQL server
Whose semantics? A database login would seem to be quite an expensive
Dear Evren,
Thank you Evren for all the help. It has solved my problem.
Alan
further reading in README tells that if the script returns 1 then the
access is not granted and if it returns 0 then granted so a simple script
which checks the username from a file and if it is there returns 1 or if
39 matches
Mail list logo