(RADIATOR) Bad Encrypted Password

Hugh Irvine hugh at open.com.au
Mon Nov 5 02:36:31 CST 2001


Hello Balgaa -

It looks to me like the string here is wrong.

monnis  Encrypted-Password = ":$1$WbrWniz2$jn/eshVREmXyESpbqV6691",

the leading ":" should probably not be there - the password should 
start with "$1$.....". Try this as the $1$ prefix is recognised 
automatically:

monnis  Password = "$1$WbrWniz2$jn/eshVREmXyESpbqV6691"

regards

Hugh


At 15:31 +0800 01/11/5, User BALGAA System Engineer wrote:
>Hi Hugh,
>
>I have installed Radiator-2.19 on the PC w/FreeBSD-4.4-STABLE.
>I finish installation and configuration successfully. I have installed
>Digest::MD5-2.17.
>
>After configuration I can't to authenticate Radiator server.
>I got following error:
>Sat Nov  3 17:18:00 2001: INFO: Server started: Radiator 2.19 on
>xxx.xxx.xxx.xxx
>Sat Nov  3 17:18:03 2001: DEBUG: Packet dump:
>*** Received from 127.0.0.1 port 1678 ....
>Code:       Access-Request
>Identifier: 33
>Authentic:  1234567890123456
>Attributes:
>         User-Name = "monnis"
>         Service-Type = Framed-User
>         NAS-IP-Address = 203.63.154.1
>         NAS-Port = 1234
>         Called-Station-Id = "123456789"
>         Calling-Station-Id = "987654321"
>         NAS-Port-Type = Async
>         User-Password = 
>"<148><229>m<157><159>m<246><188>8<9><160><216>}x<153>"
>
>Sat Nov  3 17:18:03 2001: DEBUG: Handling request with Handler 'Realm=DEFAULT'
>Sat Nov  3 17:18:03 2001: DEBUG:  Deleting session for monnis, 
>203.63.154.1, 1234
>Sat Nov  3 17:18:03 2001: DEBUG: Handling with Radius::AuthFILE:
>Sat Nov  3 17:18:03 2001: DEBUG: Reading users file ./mtc.users
>Sat Nov  3 17:18:03 2001: DEBUG: Radius::AuthFILE looks for match with monnis
>Sat Nov  3 17:18:03 2001: DEBUG: Radius::AuthFILE REJECT: Bad 
>Encrypted password
>Sat Nov  3 17:18:03 2001: DEBUG: Reading users file ./mtc.users
>Sat Nov  3 17:18:03 2001: INFO: Access rejected for monnis: Bad 
>Encrypted password
>Sat Nov  3 17:18:03 2001: DEBUG: Packet dump:
>*** Sending to 127.0.0.1 port 1678 ....
>Code:       Access-Reject
>Identifier: 33
>Authentic:  1234567890123456
>Attributes:
>         Reply-Message = "Request Denied"
>
>
>Radiator config file:
>Foreground
>#LogStdout
>LogDir          .
>LogFile     %L/logfile
>DbDir           .
># User a lower trace level in production systems:
>Trace           4
>
># You will probably want to add other Clients to suit your site,
># one for each NAS you want to work with
><Client xxx.xxx.xxx.xxx>
>         Secret  xxxxx
>         DupInterval 15
></Client>
>
><Client 127.0.0.1>
>         Secret  xxxxx
>         DupInterval 15
></Client>
><Realm DEFAULT>
>                 PasswordLogFileName %L/publicb.log
>         <AuthBy FILE>
>                 # Set UseGetspnamf to get more details
>                 # like expiry dates etc
>                 # Requires the shadowf module from
>                 # ftp://ftp.eur.nl/pub/homebrew/Shadow-0.01.tar.gz
>                 #UseGetspnamf
>                 Nocache
>                 Filename %D/mtc.users
>         </AuthBy>
></Realm>
>
>
>mtc.users file:
>stac    User-Password = "coulthard", Simultaneous-Use = 1
>         Framed-Protocol = PPP,
>         Service-Type = Framed-User,
>         Framed-MTU = 1500,
>         Framed-Compression = Van-Jacobson-TCP-IP
>
>monnis  Encrypted-Password = ":$1$WbrWniz2$jn/eshVREmXyESpbqV6691",
>Simultaneous-Use = 1
>         Framed-Protocol = PPP,
>         Service-Type = Framed-User,
>         Framed-MTU = 1500,
>         Framed-Compression = Van-Jacobson-TCP-IP
>
>I checked both account, but can't to authenticate.
>
>publicb.log file:
>Sat Nov  3 17:27:40 
>2001:1004779660:monnis:X<D0>6WEZ<A0>^L<C1><BE><A7><F9>^W'ESC
><E2>:$1$WbrWniz2$jn/eshVREmXyESpbqV6691:FAIL
>Sat Nov  3 17:31:12 
>2001:1004779872:stac:V<D1>q^K^A^C<E5>~<A5><BE><A7><F9>^W'ESC
><E2>:PxWNlVCZmSTj6:FAIL
>Sat Nov  3 17:32:41 
>2001:1004779961:stac:V<D1>q^K^A^C<E5>~<A5><BE><A7><F9>^W'ESC
><E2>:coulthard:FAIL
>Sat Nov  3 17:34:12 
>2001:1004780052:stac:V<D1>q^K^A^C<E5>~<A5><BE><A7><F9>^W'ESC
><E2>:coulthard:FAIL
>Sat Nov  3 17:34:53 
>2001:1004780093:stac:V<D1>q^K^A^C<E5>~<A5><BE><A7><F9>^W'ESC
><E2>:coulthard:FAIL
>
>Could you send me suggestion how to solve it?
>I think something wrong with Radiator or MD5?
>
>
>Thank you,
>Balgaa
>
>===
>Archive at http://www.open.com.au/archives/radiator/
>Announcements on radiator-announce at open.com.au
>To unsubscribe, email 'majordomo at open.com.au' with
>'unsubscribe radiator' in the body of the message.

-- 

NB: I am travelling this week, so there may be delays in our correspondence.

Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc.
Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list