Date: Wed, 17 Sep 2003 05:28:46 +0200 From: Martin Jessa <freebsd@yazzy.org> To: freebsd-isp@freebsd.org Cc: andy@fud.org.nz Subject: Re: FreeRadius and md5 hashed passwords Message-ID: <20030917052846.74b40df5.freebsd@yazzy.org> In-Reply-To: <03Sep17.032612nzst.336011@homer.fire.org.nz> References: <20030917030343.52426383.freebsd@yazzy.org> <20030917022435.GA14843@laptop.lambertfam.org> <20030917045828.4c7f7ec9.freebsd@yazzy.org> <03Sep17.032612nzst.336011@homer.fire.org.nz>
next in thread | previous in thread | raw e-mail | index | archive | help
Great! It worked.
Thanks a bunch Andy :)
rlm_pap: Using MD5 encryption.
rlm_pap: User authenticated succesfully
modcall[authenticate]: module "pap" returns ok
modcall: group authtype returns ok
Sending Access-Accept of id 216 to 127.0.0.1:58965
On Wed, 17 Sep 2003 15:28:18 +1200
Andrew Thompson <andy@fud.org.nz> wrote:
> Martin Jessa wrote:
> > Hi Scott, guys.
> >
> > I am stucked. I made some changes in the config file and added Auth-Type to the radgroupcheck table (which was previously empty) and now I cannot authenticate at all.
> > Seems like the problem is somewhere else.
> >
> > My radiusd.conf:
> >
> > modules {
> > mschap {
> > authtype = MD5
> > use_mppe = yes
> > require_encryption = yes
> > require_strong = yes
> > encryption_scheme = md5
> > }
> >
> >
>
> My understanding was that chap required the password on the sever to be
> in plain text, so MD5 could not be used. The response from the client
> is encrypted with the password, so if its also encrypted locally, it
> cant be checked.
>
> You may need to use pap.
>
>
> Andy
>
> _______________________________________________
> freebsd-isp@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-isp
> To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030917052846.74b40df5.freebsd>