LinuxQuestions.org
Visit the LQ Articles and Editorials section
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 04-04-2004, 01:27 AM   #1
abdullahgee
Member
 
Registered: Apr 2004
Posts: 30

Rep: Reputation: 15
Authentication through freeRADIUS


any body tell me how to authenticate client with freeRADIUS
 
Old 06-02-2004, 08:43 PM   #2
abdullahgee
Member
 
Registered: Apr 2004
Posts: 30

Original Poster
Rep: Reputation: 15
configure freeRADIUS for md5

DEAR FELLOWS!

i want to configure radiusd.conf for using with my own client program using md5 , when i authenticate a user with a shared secret according in rfc's. the following error occurs.
please tell me if any entry has to be written in "radiusd.conf" file.

Thank you.
problem details printed by the radiusd -X
================================
rad_recv: Access-Request packet from host 127.0.0.1:1025, id=220, length=56
User-Name = "root"
User-Password = "\305\371s\243\264\353\\\236_\254\323x=\005ta"
NAS-IP-Address = 255.255.255.255
NAS-Port = 10
modcall: entering group authorize for request 0
modcall[authorize]: module "preprocess" returns ok for request 0
modcall[authorize]: module "chap" returns noop for request 0
modcall[authorize]: module "eap" returns noop for request 0
rlm_realm: No '@' in User-Name = "root", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 0
users: Matched DEFAULT at 152
modcall[authorize]: module "files" returns ok for request 0
modcall[authorize]: module "mschap" returns noop for request 0
modcall: group authorize returns ok for request 0
rad_check_password: Found Auth-Type System
auth: type "System"
modcall: entering group authenticate for request 0
rlm_unix: [root]: invalid password
modcall[authenticate]: module "unix" returns reject for request 0
modcall: group authenticate returns reject for request 0
auth: Failed to validate the user.
WARNING: Unprintable characters in the password. ? Double-check the shared secret on the server and the NAS!
Delaying request 0 for 1 seconds
Finished request 0
Going to the next request
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Sending Access-Reject of id 220 to 127.0.0.1:1025
Waking up in 4 seconds...
--- Walking the entire request list ---
Cleaning up request 0 ID 220 with timestamp 3c6335b4
 
Old 06-04-2004, 06:35 AM   #3
abdullahgee
Member
 
Registered: Apr 2004
Posts: 30

Original Poster
Rep: Reputation: 15
freeRAIUS configuration

i want to configure my radiusd.conf file for using with md5
i mean that i want to write client in c language to send freeRADIUS
a Request Packet in which i send Authenticator which is the output from
md5 one way hash function.

i want to configure radiusd.conf file to use with md5 authenticaiton
in which i want to send username password and secret(encrypted).

plz send me radiusd.conf file which is configured for md5 or tell me the main changes i have to made for all that work.

this time when i authenticate with freeRADIUS and error log generated
rad_recv: Access-Request packet from host 127.0.0.1:1025, id=220, length=56
User-Name = "root"
User-Password = "\305\371s\243\264\353\\\236_\254\323x=\005ta"
NAS-IP-Address = 255.255.255.255
NAS-Port = 10
modcall: entering group authorize for request 0
modcall[authorize]: module "preprocess" returns ok for request 0
modcall[authorize]: module "chap" returns noop for request 0
modcall[authorize]: module "eap" returns noop for request 0
rlm_realm: No '@' in User-Name = "root", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 0
users: Matched DEFAULT at 152
modcall[authorize]: module "files" returns ok for request 0
modcall[authorize]: module "mschap" returns noop for request 0
modcall: group authorize returns ok for request 0
rad_check_password: Found Auth-Type System
auth: type "System"
modcall: entering group authenticate for request 0
rlm_unix: [root]: invalid password
modcall[authenticate]: module "unix" returns reject for request 0
modcall: group authenticate returns reject for request 0
auth: Failed to validate the user.
WARNING: Unprintable characters in the password. ? Double-check the shared secret on the server and the NAS!
Delaying request 0 for 1 seconds
Finished request 0
Going to the next request
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Sending Access-Reject of id 220 to 127.0.0.1:1025
Waking up in 4 seconds...
--- Walking the entire request list ---
Cleaning up request 0 ID 220 with timestamp 3c6335b4

---------------------------------------------------

tell me why this error is occuring
 
Old 06-17-2004, 01:29 PM   #4
abdullahgee
Member
 
Registered: Apr 2004
Posts: 30

Original Poster
Rep: Reputation: 15
radius-access-request

plz tell me the attributes that must be present in radius-access-request
to authenticate a user using eap-message attribute of the radius packet.

thank you in anticipation.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Authentication service cannot retrieve authentication info Moffett67 Linux - Software 3 12-13-2007 03:16 AM
freeradius screamon demon Linux - Networking 0 08-15-2005 09:52 PM
where is freeradius barrythai Suse/Novell 1 03-04-2005 12:53 PM
Freeradius Help jrmontg Linux - Networking 2 03-02-2005 10:40 AM
freeradius Jorgr Linux - Software 1 02-23-2005 02:31 AM


All times are GMT -5. The time now is 10:15 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration