(RADIATOR) Bad Encrypted Password Again

User BALGAA System Engineer balgaa at publica.ub.mng.net
Tue Nov 6 20:01:50 CST 2001 

Hello Hugh,

Yes, I put correct password in users file and result is same.

Logfile:
Tue Nov  6 09:14:20 2001: DEBUG: Packet dump:
*** Received from 127.0.0.1 port 3841 ....
Code:       Access-Request
Identifier: 200
Authentic:  1234567890123456
Attributes:
        User-Name = "monnis"
        Service-Type = Framed-User
        NAS-IP-Address = 203.63.154.1
        NAS-Port = 1234
        Called-Station-Id = "123456789"
        Calling-Station-Id = "987654321"
        NAS-Port-Type = Async
        User-Password = "<148><229>m<157><159>m
<246><188>8<9><160><216>}x<153>"

Tue Nov  6 09:14:20 2001: DEBUG: Handling request with Handler
'Realm=DEFAULT'
Tue Nov  6 09:14:20 2001: DEBUG:  Deleting session for monnis,
203.63.154.1, 1234
Tue Nov  6 09:14:20 2001: DEBUG: Handling with Radius::AuthFILE:
Tue Nov  6 09:14:20 2001: DEBUG: Reading users file ./mtc.users
Tue Nov  6 09:14:20 2001: DEBUG: Radius::AuthFILE looks for match with
monnis
Tue Nov  6 09:14:20 2001: DEBUG: Radius::AuthFILE REJECT: Bad Encrypted
password
Tue Nov  6 09:14:20 2001: DEBUG: Reading users file ./mtc.users
Tue Nov  6 09:14:20 2001: INFO: Access rejected for monnis: Bad Encrypted
password
Tue Nov  6 09:14:20 2001: DEBUG: Packet dump:
*** Sending to 127.0.0.1 port 3841 ....
Code:       Access-Reject
Identifier: 200
Authentic:  1234567890123456
Attributes:
        Reply-Message = "Request Denied"



Publicb.log:
Tue Nov  6 09:14:20 2001:1005009260:
monnis:X<D0>6WEZ<A0>^L<C1><BE><A7><F9>^W'ESC<E2>:$1$WbrWniz2$jn/eshVREmXyESpbqV6691:FAIL

       ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
I don't know why there is different result.

How can I to fix it?

mtc.users:
stac    User-Password = "coulthard", Simultaneous-Use = 1
        Framed-Protocol = PPP,
        Service-Type = Framed-User,
        Framed-MTU = 1500,
        Framed-Compression = Van-Jacobson-TCP-IP

monnis  Encrypted-Password = "$1$WbrWniz2$jn/eshVREmXyESpbqV6691", Simultaneous-Use = 1
        Framed-Protocol = PPP,
        Service-Type = Framed-User,
        Framed-MTU = 1500,
        Framed-Compression = Van-Jacobson-TCP-IP


Thank you,
Balgaa




On Mon, 5 Nov 2001, Hugh Irvine wrote:

>
> Hello Balgaa -
>
> It looks to me like the string here is wrong.
>
> monnisEncrypted-Password = ":$1$WbrWniz2$jn/eshVREmXyESpbqV6691",
>
> the leading ":" should probably not be there - the password should
> start with "$1$.....". Try this as the $1$ prefix is recognised
> automatically:
>
> monnisPassword = "$1$WbrWniz2$jn/eshVREmXyESpbqV6691"
>
> regards
>
> Hugh
>
>
> At 15:31 +0800 01/11/5, User BALGAA System Engineer wrote:
> >Hi Hugh,
> >
> >I have installed Radiator-2.19 on the PC w/FreeBSD-4.4-STABLE.
> >I finish installation and configuration successfully. I have installed
> >Digest::MD5-2.17.
> >
> >After configuration I can't to authenticate Radiator server.
> >I got following error:
> >Sat Nov3 17:18:00 2001: INFO: Server started: Radiator 2.19 on
> >xxx.xxx.xxx.xxx
> >Sat Nov3 17:18:03 2001: DEBUG: Packet dump:
> >*** Received from 127.0.0.1 port 1678 ....
> >Code:     Access-Request
> >Identifier: 33
> >Authentic:1234567890123456
> >Attributes:
> >       User-Name = "monnis"
> >       Service-Type = Framed-User
> >       NAS-IP-Address = 203.63.154.1
> >       NAS-Port = 1234
> >       Called-Station-Id = "123456789"
> >       Calling-Station-Id = "987654321"
> >       NAS-Port-Type = Async
> >       User-Password =
> >"<148><229>m<157><159>m<246><188>8<9><160><216>}x<153>"
> >
> >Sat Nov3 17:18:03 2001: DEBUG: Handling request with Handler 'Realm=DEFAULT'
> >Sat Nov3 17:18:03 2001: DEBUG:  Deleting session for monnis,
> >203.63.154.1, 1234
> >Sat Nov3 17:18:03 2001: DEBUG: Handling with Radius::AuthFILE:
> >Sat Nov3 17:18:03 2001: DEBUG: Reading users file ./mtc.users
> >Sat Nov3 17:18:03 2001: DEBUG: Radius::AuthFILE looks for match with monnis
> >Sat Nov3 17:18:03 2001: DEBUG: Radius::AuthFILE REJECT: Bad
> >Encrypted password
> >Sat Nov3 17:18:03 2001: DEBUG: Reading users file ./mtc.users
> >Sat Nov3 17:18:03 2001: INFO: Access rejected for monnis: Bad
> >Encrypted password
> >Sat Nov3 17:18:03 2001: DEBUG: Packet dump:
> >*** Sending to 127.0.0.1 port 1678 ....
> >Code:     Access-Reject
> >Identifier: 33
> >Authentic:1234567890123456
> >Attributes:
> >       Reply-Message = "Request Denied"
> >
> >
> >Radiator config file:
> >Foreground
> >#LogStdout
> >LogDir        .
> >LogFile   %L/logfile
> >DbDir         .
> ># User a lower trace level in production systems:
> >Trace         4
> >
> ># You will probably want to add other Clients to suit your site,
> ># one for each NAS you want to work with
> ><Client xxx.xxx.xxx.xxx>
> >       Secret  xxxxx
> >       DupInterval 15
> ></Client>
> >
> ><Client 127.0.0.1>
> >       Secret  xxxxx
> >       DupInterval 15
> ></Client>
> ><Realm DEFAULT>
> >               PasswordLogFileName %L/publicb.log
> >       <AuthBy FILE>
> >               # Set UseGetspnamf to get more details
> >             # like expiry dates etc
> >               # Requires the shadowf module from
> >               # ftp://ftp.eur.nl/pub/homebrew/Shadow-0.01.tar.gz
> >               #UseGetspnamf
> >               Nocache
> >               Filename %D/mtc.users
> >       </AuthBy>
> ></Realm>
> >
> >
> >mtc.users file:
> >stac  User-Password = "coulthard", Simultaneous-Use = 1
> >       Framed-Protocol = PPP,
> >       Service-Type = Framed-User,
> >       Framed-MTU = 1500,
> >       Framed-Compression = Van-Jacobson-TCP-IP
> >
> >monnisEncrypted-Password = ":$1$WbrWniz2$jn/eshVREmXyESpbqV6691",
> >Simultaneous-Use = 1
> >       Framed-Protocol = PPP,
> >       Service-Type = Framed-User,
> >       Framed-MTU = 1500,
> >       Framed-Compression = Van-Jacobson-TCP-IP
> >
> >I checked both account, but can't to authenticate.
> >
> >publicb.log file:
> >Sat Nov3 17:27:40
> >2001:1004779660:monnis:X<D0>6WEZ<A0>^L<C1><BE><A7><F9>^W'ESC
> ><E2>:$1$WbrWniz2$jn/eshVREmXyESpbqV6691:FAIL
> >Sat Nov3 17:31:12
> >2001:1004779872:stac:V<D1>q^K^A^C<E5>~<A5><BE><A7><F9>^W'ESC
> ><E2>:PxWNlVCZmSTj6:FAIL
> >Sat Nov3 17:32:41
> >2001:1004779961:stac:V<D1>q^K^A^C<E5>~<A5><BE><A7><F9>^W'ESC
> ><E2>:coulthard:FAIL
> >Sat Nov3 17:34:12
> >2001:1004780052:stac:V<D1>q^K^A^C<E5>~<A5><BE><A7><F9>^W'ESC
> ><E2>:coulthard:FAIL
> >Sat Nov3 17:34:53
> >2001:1004780093:stac:V<D1>q^K^A^C<E5>~<A5><BE><A7><F9>^W'ESC
> ><E2>:coulthard:FAIL
> >
> >Could you send me suggestion how to solve it?
> >I think something wrong with Radiator or MD5?
> >
> >
> >Thank you,
> >Balgaa
> >
> >===
> >Archive at http://www.open.com.au/archives/radiator/
> >Announcements on radiator-announce at open.com.au
> >To unsubscribe, email 'majordomo at open.com.au' with
> >'unsubscribe radiator' in the body of the message.
>
> --
>
> NB: I am travelling this week, so there may be delays in our correspondence.
>
> Radiator: the most portable, flexible and configurable RADIUS server
> anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
> Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc.
> Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X.
>


===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list