[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: FreeRADIUS issues


On Thu, Dec 20, 2001 at 03:59:58PM +1100, Jeff Waugh wrote:
> Hi all,
> Having some troubles with freeradius as packaged in woody. I'm
> doing a very quick auth migration for a PM3, taking usernames
> and crypted passwords from an old Qube, and putting them ni
> various files for service authentication.
> FreeRADIUS is not cooperating. ;)

I suspect you'll get more answers if you ask on the FreeRADIUS
mailing lists.  See http://www.freeradius.org/

> Here's an example of what I have in the fast_users file:
>   garry@domain.com   Auth-Type := Crypt-Local, Password == "6IVIw"
>   garry   Auth-Type := Crypt-Local, Password == "6IVIw"

I haven't tried FreeRADIUS, so I may be talking nonsense, but
that password does not look crypted.  It should look something
like this:  X.SldLTDxGIGU or abB.3AxASd29. etc.  i.e. 13
characters from the set (a-zA-Z0-9./).

> Many of those. I'm getting this error upon running radtest with: radtest
> garry blah localhost localhost pants
> Sending Access-Request of id 74 to
>         User-Name = "garry"
>         Password = "W)\204\310\316yvi\237\023(\013\027\316\336\225"
>         NAS-IP-Address = whale
>         NAS-Port-Id = "localhost"
> rad_recv: Access-Reject packet from host, id=74, length=20
> The logs say:
> modcall: entering group authorize
>   modcall[authorize]: module "preprocess" returns ok
> rlm_fastusers:  checking defaults
> rlm_fastusers:  user not found
>   modcall[authorize]: module "fastusers" returns notfound

This looks to me like it didn't find the user in the file.  Are
you sure you have the stuff in the right file? :)  Are you sure
you have the syntax correct?

> modcall: group authorize returns ok
> auth: No Auth-Type configuration for the request, rejecting the user
> auth: Failed to validate the user.
> Login incorrect: [garry] (from nas local port 0)
> Sending Access-Reject of id 74 to
> Anyone have pointers?

I hope that helps.

Michael Wood <mwood@its.uct.ac.za>

Reply to: