(RADIATOR) Bad Encrypted Password
User BALGAA System Engineer
balgaa at publica.ub.mng.net
Thu Nov 8 03:31:12 CST 2001
Hi Hugh/Mike,
I am using radpwtst like following same machine Radiator-2.19 working:
#perl radpwtst -user monnis -password mn2001$
#perl radpwtst -user stac -password coulthard
Is it correct test?
Thank you,
Balgaa
On Wed, 7 Nov 2001, Hugh Irvine wrote:
> >From: Mike McCauley <mikem at open.com.au>
> >Organization: Open System Consultants
> >To: Hugh Irvine <hugh at open.com.au>
> >Subject: Re: Fwd: Re: (RADIATOR) Bad Encrypted Password
> >Date: Wed, 7 Nov 2001 07:38:20 +1100
> >
> >Hello,
> >
> >I Think the problem here is that the shared secret is wrong, causing the
> >entered password to be decrypted incorrectly.
> >
> >IN this line:
> >
> >>>monnis:X<D0>6WEZ<A0>^L<C1><BE><A7><F9>^W'ESC<E2>:$1$WbrWniz2$jn/eshVREmXyE
> >>>SpbqV6691:FAIL
> >
> >
> >X<D0>6WEZ<A0>^L<C1><BE><A7><F9>^W'ESC<E2
> >is the entered password after decoding
> >and
> >1$WbrWniz2$jn/eshVREm
> >is the MD5 encrypted correct password.
> >
> >Sugget you check your Secret
> >
> >Cheers.,
> >
> >On Tue, 6 Nov 2001 20:28, Hugh Irvine wrote:
> >>Mikey -
> >>
> >>Could you take a look at this please?
> >>
> >>ta
> >>
> >>Hugh
> >>
> >>> >Received: from publica.ub.mng.net (publica.ub.mng.net [202.179.0.80])
> >>>
> >>> by server1.open.com.au (8.11.0/8.11.0) with ESMTP id fA5NVW327184;
> >>> Mon, 5 Nov 2001 17:31:33 -0600
> >>>X-Authentication-Warning: publica.ub.mng.net: balgaa owned process doing
> >>> -bs Date: Tue, 6 Nov 2001 10:06:11 +0800 (ULAT)
> >>
> >> From: User BALGAA System Engineer <balgaa at publica.ub.mng.net>
> >>
> >>>To: Hugh Irvine <hugh at open.com.au>
> >>>cc: <radiator at open.com.au>
> >>>Subject: Re: (RADIATOR) Bad Encrypted Password
> >>>
> >>>Hello,
> >>>
> >>>Yes, I have changed result is same.
> >>>
> >>>Logfile:
> >>>Tue Nov 6 09:14:20 2001: DEBUG: Packet dump:
> >>>*** Received from 127.0.0.1 port 3841 ....
> >>>Code: Access-Request
> >>>Identifier: 200
> >>>Authentic: 1234567890123456
> >>>Attributes:
> >>> User-Name = "monnis"
> >>> Service-Type = Framed-User
> >>> NAS-IP-Address = 203.63.154.1
> >>> NAS-Port = 1234
> >>> Called-Station-Id = "123456789"
> >>> Calling-Station-Id = "987654321"
> >>> NAS-Port-Type = Async
> >>> User-Password = "<148><229>m<157><159>m
> >>><246><188>8<9><160><216>}x<153>"
> >>>
> >>>Tue Nov 6 09:14:20 2001: DEBUG: Handling request with Handler
> >>>'Realm=DEFAULT'
> >>>Tue Nov 6 09:14:20 2001: DEBUG: Deleting session for monnis,
> >>>203.63.154.1, 1234
> >>>Tue Nov 6 09:14:20 2001: DEBUG: Handling with Radius::AuthFILE:
> >>>Tue Nov 6 09:14:20 2001: DEBUG: Reading users file ./mtc.users
> >>>Tue Nov 6 09:14:20 2001: DEBUG: Radius::AuthFILE looks for match with
> >>>monnis
> >>>Tue Nov 6 09:14:20 2001: DEBUG: Radius::AuthFILE REJECT: Bad Encrypted
> >>>password
> >>>Tue Nov 6 09:14:20 2001: DEBUG: Reading users file ./mtc.users
> >>>Tue Nov 6 09:14:20 2001: INFO: Access rejected for monnis: Bad Encrypted
> >>>password
> >>>Tue Nov 6 09:14:20 2001: DEBUG: Packet dump:
> >>>*** Sending to 127.0.0.1 port 3841 ....
> >>>Code: Access-Reject
> >>>Identifier: 200
> >>>Authentic: 1234567890123456
> >>>Attributes:
> >>> Reply-Message = "Request Denied"
> >>>
> >>>Publicb.log:
> >>>Tue Nov 6 09:14:20 2001:1005009260:
> >>>monnis:X<D0>6WEZ<A0>^L<C1><BE><A7><F9>^W'ESC<E2>:$1$WbrWniz2$jn/eshVREmXyE
> >>>SpbqV6691:FAIL ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> >>>I don't know why there is different result.
> >>>
> >>>How can I to fix it?
> >>>
> >>>Thank you,
> >>>Balgaa
> >>>
> >>>On Mon, 5 Nov 2001, Hugh Irvine wrote:
> >>>> Hello Balgaa -
> >>>>
> >>>> It looks to me like the string here is wrong.
> >>>>
> >>>> monnisEncrypted-Password = ":$1$WbrWniz2$jn/eshVREmXyESpbqV6691",
> >>>>
> >>>> the leading ":" should probably not be there - the password should
> >>>> start with "$1$.....". Try this as the $1$ prefix is recognised
> >>>> automatically:
> >>>>
> >>>> monnisPassword = "$1$WbrWniz2$jn/eshVREmXyESpbqV6691"
> >>>>
> >>>> regards
> >>>>
> >>>> Hugh
> >>>>
> >>>> At 15:31 +0800 01/11/5, User BALGAA System Engineer wrote:
> >>>> >Hi Hugh,
> >>>> >
> >>>> >I have installed Radiator-2.19 on the PC w/FreeBSD-4.4-STABLE.
> >>>> >I finish installation and configuration successfully. I have installed
> >>>> >Digest::MD5-2.17.
> >>>> >
> >>>> >After configuration I can't to authenticate Radiator server.
> >>>> >I got following error:
> >>>> >Sat Nov3 17:18:00 2001: INFO: Server started: Radiator 2.19 on
> >> >> >xxx.xxx.xxx.xxx
> >>>> >Sat Nov3 17:18:03 2001: DEBUG: Packet dump:
> >>>> >*** Received from 127.0.0.1 port 1678 ....
> >>>> >Code: Access-Request
> >>>> >Identifier: 33
> >>>> >Authentic:1234567890123456
> >>>> >Attributes:
> >>>> > User-Name = "monnis"
> >>>> > Service-Type = Framed-User
> >>>> > NAS-IP-Address = 203.63.154.1
> >>>> > NAS-Port = 1234
> >>>> > Called-Station-Id = "123456789"
> >>>> > Calling-Station-Id = "987654321"
> >>>> > NAS-Port-Type = Async
> >>>> > User-Password =
> >>>> >"<148><229>m<157><159>m<246><188>8<9><160><216>}x<153>"
> >>>> >
> >>>> >Sat Nov3 17:18:03 2001: DEBUG: Handling request with Handler
> >>>>
> >>>>'Realm=DEFAULT'
> >>>>
> >>>> >Sat Nov3 17:18:03 2001: DEBUG:Deleting session for monnis,
> >>>> >203.63.154.1, 1234
> >>>> >Sat Nov3 17:18:03 2001: DEBUG: Handling with Radius::AuthFILE:
> >>>> >Sat Nov3 17:18:03 2001: DEBUG: Reading users file ./mtc.users
> >>>> >Sat Nov3 17:18:03 2001: DEBUG: Radius::AuthFILE looks for match with
> >>>> > monnis Sat Nov3 17:18:03 2001: DEBUG: Radius::AuthFILE REJECT: Bad
> >>>> >Encrypted password
> >>>> >
> >>> > >Sat Nov3 17:18:03 2001: DEBUG: Reading users file ./mtc.users
> >>>> >
> >>>>>Sat Nov3 17:18:03 2001: INFO: Access rejected for monnis: Bad
> >>>> >Encrypted password
> >>>> >Sat Nov3 17:18:03 2001: DEBUG: Packet dump:
> >>>> >*** Sending to 127.0.0.1 port 1678 ....
> >>>> >Code: Access-Reject
> >>>> >Identifier: 33
> >>>> >Authentic:1234567890123456
> >>>> >Attributes:
> >>>> > Reply-Message = "Request Denied"
> >>>> >
> >>>> >
> >>>> >Radiator config file:
> >>>> >Foreground
> >>>> >#LogStdout
> >>>> >LogDir .
> >>>> >LogFile %L/logfile
> >>>> >DbDir .
> >>>> ># User a lower trace level in production systems:
> >>>> >Trace 4
> >>>> >
> >>>> ># You will probably want to add other Clients to suit your site,
> >>>> ># one for each NAS you want to work with
> >>>> ><Client xxx.xxx.xxx.xxx>
> >>>> > Secret xxxxx
> >>>> > DupInterval 15
> >>>> ></Client>
> >>>> >
> >>>> ><Client 127.0.0.1>
> >>>> > Secret xxxxx
> >>>> > DupInterval 15
> >>>> ></Client>
> >>>> ><Realm DEFAULT>
> >>>> > PasswordLogFileName %L/publicb.log
> >>>> > <AuthBy FILE>
> >>>> > # Set UseGetspnamf to get more details
> >>>> > # like expiry dates etc
> >>>> > # Requires the shadowf module from
> >>>> > # ftp://ftp.eur.nl/pub/homebrew/Shadow-0.01.tar.gz
> >>>> > #UseGetspnamf
> >>>> > Nocache
> >>>> > Filename %D/mtc.users
> >>>> > </AuthBy>
> >>>> ></Realm>
> >>>> >
> >>>> >
> >>>> >mtc.users file:
> >>>> >stac User-Password = "coulthard", Simultaneous-Use = 1
> >>>> > Framed-Protocol = PPP,
> >>>> > Service-Type = Framed-User,
> >>>> > Framed-MTU = 1500,
> >>>> > Framed-Compression = Van-Jacobson-TCP-IP
> >>>> >
> >>>> >monnisEncrypted-Password = ":$1$WbrWniz2$jn/eshVREmXyESpbqV6691",
> >>>> >Simultaneous-Use = 1
> >>>> > Framed-Protocol = PPP,
> >>>> > Service-Type = Framed-User,
> >> >>> Framed-MTU = 1500,
> >>>> > Framed-Compression = Van-Jacobson-TCP-IP
> >>>> >
> >>>> >I checked both account, but can't to authenticate.
> >>>> >
> >>>> >publicb.log file:
> >>>> >Sat Nov3 17:27:40
> >>>> >2001:1004779660:monnis:X<D0>6WEZ<A0>^L<C1><BE><A7><F9>^W'ESC
> >>>> ><E2>:$1$WbrWniz2$jn/eshVREmXyESpbqV6691:FAIL
> >>>> >Sat Nov3 17:31:12
> >>>> >2001:1004779872:stac:V<D1>q^K^A^C<E5>~<A5><BE><A7><F9>^W'ESC
> >>>> ><E2>:PxWNlVCZmSTj6:FAIL
> >>>> >Sat Nov3 17:32:41
> >>>> >2001:1004779961:stac:V<D1>q^K^A^C<E5>~<A5><BE><A7><F9>^W'ESC
> >>>> ><E2>:coulthard:FAIL
> >>>> >Sat Nov3 17:34:12
> >>>> >2001:1004780052:stac:V<D1>q^K^A^C<E5>~<A5><BE><A7><F9>^W'ESC
> >>>> ><E2>:coulthard:FAIL
> >>>> >Sat Nov3 17:34:53
> >>>> >2001:1004780093:stac:V<D1>q^K^A^C<E5>~<A5><BE><A7><F9>^W'ESC
> >>>> ><E2>:coulthard:FAIL
> >>>> >
> >>>> >Could you send me suggestion how to solve it?
> >>>> >I think something wrong with Radiator or MD5?
> >>>> >
> >>>> >
> >>>> >Thank you,
> >>>> >Balgaa
> >>>> >
> >>>> >===
> >>>> >Archive at http://www.open.com.au/archives/radiator/
> >> >> >Announcements on radiator-announce at open.com.au
> >>>> >To unsubscribe, email 'majordomo at open.com.au' with
> >>>> >'unsubscribe radiator' in the body of the message.
> >>>>
> >>>> --
> >>>>
> >>>> NB: I am travelling this week, so there may be delays in our
> >>>> correspondence.
> >>>>
> >>>> Radiator: the most portable, flexible and configurable RADIUS server
> >>>> anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
> >>>> Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc.
> >>>> Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X.
> >
> >--
> >Mike McCauley mikem at open.com.au
> >Open System Consultants Pty. Ltd Unix, Perl, Motif, C++, WWW
> >24 Bateman St Hampton, VIC 3188 Australia http://www.open.com.au
> >Phone +61 3 9598-0985 Fax +61 3 9598-0955
> >
> >Radiator: the most portable, flexible and configurable RADIUS server
> >anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
> >Platypus, Freeside, TACACS+, PAM, external, Active Directory etc etc
> >on Unix, Win95/8, 2000, NT, MacOS 9, MacOS X
>
> --
>
> NB: I am travelling this week, so there may be delays in our correspondence.
>
> Radiator: the most portable, flexible and configurable RADIUS server
> anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
> Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc.
> Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X.
>
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list