(RADIATOR) Bad Encrypted Password

Hugh Irvine hugh at open.com.au
Wed Nov 7 19:24:39 CST 2001


Hello Balgaa -

You will have to include the shared secret on the command line:

	#perl radpwtst -user stac -password coulthard -secret .....

You can use "radpwtst -h" to see all the options.

regards

Hugh


At 17:31 +0800 01/11/8, User BALGAA System Engineer wrote:
>Hi Hugh/Mike,
>
>I am using radpwtst like following same machine Radiator-2.19 working:
>
>#perl radpwtst -user monnis -password mn2001$
>#perl radpwtst -user stac -password coulthard
>
>Is it correct test?
>
>Thank you,
>Balgaa
>
>On Wed, 7 Nov 2001, Hugh Irvine wrote:
>
>>  >From: Mike McCauley <mikem at open.com.au>
>>  >Organization: Open System Consultants
>>  >To: Hugh Irvine <hugh at open.com.au>
>>  >Subject: Re: Fwd: Re: (RADIATOR) Bad Encrypted Password
>>  >Date: Wed, 7 Nov 2001 07:38:20 +1100
>>  >
>>  >Hello,
>>  >
>>  >I Think the problem here is that the shared secret is wrong, causing the
>>  >entered password to be decrypted incorrectly.
>>  >
>>  >IN this line:
>>  >
>>  >>>monnis:X<D0>6WEZ<A0>^L<C1><BE><A7><F9>^W'ESC<E2>:$1$WbrWniz2$jn/eshVREmXyE
>>  >>>SpbqV6691:FAIL
>>  >
>>  >
>>  >X<D0>6WEZ<A0>^L<C1><BE><A7><F9>^W'ESC<E2
>>  >is the entered password after decoding
>>  >and
>>  >1$WbrWniz2$jn/eshVREm
>>  >is the MD5 encrypted correct password.
>>  >
>>  >Sugget you check your Secret
>>  >
>>  >Cheers.,
>>  >
>>  >On Tue, 6 Nov 2001 20:28, Hugh Irvine wrote:
>>  >>Mikey -
>>  >>
>>  >>Could you take a look at this please?
>>  >>
>>  >>ta
>>  >>
>>  >>Hugh
>>  >>
>>  >>>  >Received: from publica.ub.mng.net (publica.ub.mng.net [202.179.0.80])
>>  >>>
>>  >>>	by server1.open.com.au (8.11.0/8.11.0) with ESMTP id fA5NVW327184;
>>  >>>	Mon, 5 Nov 2001 17:31:33 -0600
>>  >>>X-Authentication-Warning: publica.ub.mng.net: balgaa owned process doing
>>  >>> -bs Date: Tue, 6 Nov 2001 10:06:11 +0800 (ULAT)
>>  >>
>>  >> From: User BALGAA System Engineer <balgaa at publica.ub.mng.net>
>>  >>
>>  >>>To: Hugh Irvine <hugh at open.com.au>
>>  >>>cc: <radiator at open.com.au>
>>  >>>Subject: Re: (RADIATOR) Bad Encrypted Password
>>  >>>
>>  >>>Hello,
>>  >>>
>>  >>>Yes, I have changed result is same.
>>  >>>
>>  >>>Logfile:
>>  >>>Tue Nov  6 09:14:20 2001: DEBUG: Packet dump:
>>  >>>*** Received from 127.0.0.1 port 3841 ....
>>  >>>Code:       Access-Request
>>  >>>Identifier: 200
>>  >>>Authentic:  1234567890123456
>>  >>>Attributes:
>>  >>>         User-Name = "monnis"
>>  >>>         Service-Type = Framed-User
>>  >>>         NAS-IP-Address = 203.63.154.1
>>  >>>         NAS-Port = 1234
>>  >>>         Called-Station-Id = "123456789"
>>  >>>         Calling-Station-Id = "987654321"
>>  >>>         NAS-Port-Type = Async
>>  >>>         User-Password = "<148><229>m<157><159>m
>>  >>><246><188>8<9><160><216>}x<153>"
>>  >>>
>>  >>>Tue Nov  6 09:14:20 2001: DEBUG: Handling request with Handler
>  > >>>'Realm=DEFAULT'
>  > >>>Tue Nov  6 09:14:20 2001: DEBUG:  Deleting session for monnis,
>  > >>>203.63.154.1, 1234
>  > >>>Tue Nov  6 09:14:20 2001: DEBUG: Handling with Radius::AuthFILE:
>>  >>>Tue Nov  6 09:14:20 2001: DEBUG: Reading users file ./mtc.users
>>  >>>Tue Nov  6 09:14:20 2001: DEBUG: Radius::AuthFILE looks for match with
>>  >>>monnis
>>  >>>Tue Nov  6 09:14:20 2001: DEBUG: Radius::AuthFILE REJECT: Bad Encrypted
>>  >>>password
>>  >>>Tue Nov  6 09:14:20 2001: DEBUG: Reading users file ./mtc.users
>>  >>>Tue Nov  6 09:14:20 2001: INFO: Access rejected for monnis: Bad Encrypted
>>  >>>password
>>  >>>Tue Nov  6 09:14:20 2001: DEBUG: Packet dump:
>>  >>>*** Sending to 127.0.0.1 port 3841 ....
>>  >>>Code:       Access-Reject
>>  >>>Identifier: 200
>>  >>>Authentic:  1234567890123456
>>  >>>Attributes:
>>  >>>         Reply-Message = "Request Denied"
>>  >>>
>>  >>>Publicb.log:
>>  >>>Tue Nov  6 09:14:20 2001:1005009260:
>>  >>>monnis:X<D0>6WEZ<A0>^L<C1><BE><A7><F9>^W'ESC<E2>:$1$WbrWniz2$jn/eshVREmXyE
>>  >>>SpbqV6691:FAIL ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>>  >>>I don't know why there is different result.
>>  >>>
>>  >>>How can I to fix it?
>>  >>>
>>  >>>Thank you,
>>  >>>Balgaa
>>  >>>
>>  >>>On Mon, 5 Nov 2001, Hugh Irvine wrote:
>>  >>>>  Hello Balgaa -
>>  >>>>
>>  >>>>  It looks to me like the string here is wrong.
>  > >>>>
>>  >>>>  monnisEncrypted-Password = ":$1$WbrWniz2$jn/eshVREmXyESpbqV6691",
>>  >>>>
>>  >>>>  the leading ":" should probably not be there - the password should
>>  >>>>  start with "$1$.....". Try this as the $1$ prefix is recognised
>>  >>>>  automatically:
>>  >>>>
>>  >>>>  monnisPassword = "$1$WbrWniz2$jn/eshVREmXyESpbqV6691"
>>  >>>>
>>  >>>>  regards
>>  >>>>
>>  >>>>  Hugh
>>  >>>>
>>  >>>>  At 15:31 +0800 01/11/5, User BALGAA System Engineer wrote:
>>  >>>>  >Hi Hugh,
>>  >>>>  >
>>  >>>>  >I have installed Radiator-2.19 on the PC w/FreeBSD-4.4-STABLE.
>>  >>>>  >I finish installation and configuration successfully. I 
>>have installed
>>  >>>>  >Digest::MD5-2.17.
>>  >>>>  >
>>  >>>>  >After configuration I can't to authenticate Radiator server.
>>  >>>>  >I got following error:
>>  >>>>  >Sat Nov3 17:18:00 2001: INFO: Server started: Radiator 2.19 on
>>  >> >>  >xxx.xxx.xxx.xxx
>>  >>>>  >Sat Nov3 17:18:03 2001: DEBUG: Packet dump:
>>  >>>>  >*** Received from 127.0.0.1 port 1678 ....
>>  >>>>  >Code:     Access-Request
>>  >>>>  >Identifier: 33
>>  >>>>  >Authentic:1234567890123456
>>  >>>>  >Attributes:
>>  >>>>  >       User-Name = "monnis"
>>  >>>>  >       Service-Type = Framed-User
>>  >>>>  >       NAS-IP-Address = 203.63.154.1
>>  >>>>  >       NAS-Port = 1234
>>  >>>>  >       Called-Station-Id = "123456789"
>>  >>>>  >       Calling-Station-Id = "987654321"
>>  >>>>  >       NAS-Port-Type = Async
>>  >>>>  >       User-Password =
>>  >>>>  >"<148><229>m<157><159>m<246><188>8<9><160><216>}x<153>"
>>  >>>>  >
>>  >>>>  >Sat Nov3 17:18:03 2001: DEBUG: Handling request with Handler
>>  >>>>
>>  >>>>'Realm=DEFAULT'
>>  >>>>
>>  >>>>  >Sat Nov3 17:18:03 2001: DEBUG:Deleting session for monnis,
>>  >>>>  >203.63.154.1, 1234
>>  >>>>  >Sat Nov3 17:18:03 2001: DEBUG: Handling with Radius::AuthFILE:
>>  >>>>  >Sat Nov3 17:18:03 2001: DEBUG: Reading users file ./mtc.users
>>  >>>>  >Sat Nov3 17:18:03 2001: DEBUG: Radius::AuthFILE looks for match with
>>  >>>>  > monnis Sat Nov3 17:18:03 2001: DEBUG: Radius::AuthFILE REJECT: Bad
>>  >>>>  >Encrypted password
>>  >>>>  >
>>  >>>  > >Sat Nov3 17:18:03 2001: DEBUG: Reading users file ./mtc.users
>>  >>>>  >
>>  >>>>>Sat Nov3 17:18:03 2001: INFO: Access rejected for monnis: Bad
>>  >>>>  >Encrypted password
>>  >>>>  >Sat Nov3 17:18:03 2001: DEBUG: Packet dump:
>>  >>>>  >*** Sending to 127.0.0.1 port 1678 ....
>>  >>>>  >Code:     Access-Reject
>>  >>>>  >Identifier: 33
>>  >>>>  >Authentic:1234567890123456
>>  >>>>  >Attributes:
>>  >>>>  >       Reply-Message = "Request Denied"
>>  >>>>  >
>>  >>>>  >
>>  >>>>  >Radiator config file:
>>  >>>>  >Foreground
>>  >>>>  >#LogStdout
>>  >>>>  >LogDir        .
>>  >>>>  >LogFile   %L/logfile
>>  >>>>  >DbDir         .
>>  >>>>  ># User a lower trace level in production systems:
>>  >>>>  >Trace         4
>>  >>>>  >
>>  >>>>  ># You will probably want to add other Clients to suit your site,
>>  >>>>  ># one for each NAS you want to work with
>>  >>>>  ><Client xxx.xxx.xxx.xxx>
>>  >>>>  >       Secret  xxxxx
>>  >>>>  >       DupInterval 15
>>  >>>>  ></Client>
>>  >>>>  >
>>  >>>>  ><Client 127.0.0.1>
>>  >>>>  >       Secret  xxxxx
>>  >>>>  >       DupInterval 15
>>  >>>>  ></Client>
>>  >>>>  ><Realm DEFAULT>
>>  >>>>  >               PasswordLogFileName %L/publicb.log
>>  >>>>  >       <AuthBy FILE>
>>  >>>>  >               # Set UseGetspnamf to get more details
>>  >>>>  >             # like expiry dates etc
>>  >>>>  >               # Requires the shadowf module from
>>  >>>>  >               # ftp://ftp.eur.nl/pub/homebrew/Shadow-0.01.tar.gz
>>  >>>>  >               #UseGetspnamf
>>  >>>>  >               Nocache
>>  >>>>  >               Filename %D/mtc.users
>>  >>>>  >       </AuthBy>
>>  >>>>  ></Realm>
>>  >>>>  >
>>  >>>>  >
>>  >>>>  >mtc.users file:
>>  >>>>  >stac  User-Password = "coulthard", Simultaneous-Use = 1
>>  >>>>  >       Framed-Protocol = PPP,
>>  >>>>  >       Service-Type = Framed-User,
>>  >>>>  >       Framed-MTU = 1500,
>>  >>>>  >     Framed-Compression = Van-Jacobson-TCP-IP
>>  >>>>  >
>>  >>>>  >monnisEncrypted-Password = ":$1$WbrWniz2$jn/eshVREmXyESpbqV6691",
>>  >>>>  >Simultaneous-Use = 1
>>  >>>>  >       Framed-Protocol = PPP,
>>  >>>>  >       Service-Type = Framed-User,
>>  >> >>>       Framed-MTU = 1500,
>  > >>>>  >       Framed-Compression = Van-Jacobson-TCP-IP
>>  >>>>  >
>>  >>>>  >I checked both account, but can't to authenticate.
>>  >>>>  >
>>  >>>>  >publicb.log file:
>>  >>>>  >Sat Nov3 17:27:40
>>  >>>>  >2001:1004779660:monnis:X<D0>6WEZ<A0>^L<C1><BE><A7><F9>^W'ESC
>>  >>>>  ><E2>:$1$WbrWniz2$jn/eshVREmXyESpbqV6691:FAIL
>>  >>>>  >Sat Nov3 17:31:12
>>  >>>>  >2001:1004779872:stac:V<D1>q^K^A^C<E5>~<A5><BE><A7><F9>^W'ESC
>>  >>>>  ><E2>:PxWNlVCZmSTj6:FAIL
>>  >>>>  >Sat Nov3 17:32:41
>>  >>>>  >2001:1004779961:stac:V<D1>q^K^A^C<E5>~<A5><BE><A7><F9>^W'ESC
>>  >>>>  ><E2>:coulthard:FAIL
>>  >>>>  >Sat Nov3 17:34:12
>>  >>>>  >2001:1004780052:stac:V<D1>q^K^A^C<E5>~<A5><BE><A7><F9>^W'ESC
>>  >>>>  ><E2>:coulthard:FAIL
>>  >>>>  >Sat Nov3 17:34:53
>>  >>>>  >2001:1004780093:stac:V<D1>q^K^A^C<E5>~<A5><BE><A7><F9>^W'ESC
>>  >>>>  ><E2>:coulthard:FAIL
>>  >>>>  >
>>  >>>>  >Could you send me suggestion how to solve it?
>>  >>>>  >I think something wrong with Radiator or MD5?
>>  >>>>  >
>>  >>>>  >
>>  >>>>  >Thank you,
>>  >>>>  >Balgaa
>>  >>>>  >
>>  >>>>  >===
>>  >>>>  >Archive at http://www.open.com.au/archives/radiator/
>>  >> >>  >Announcements on radiator-announce at open.com.au
>>  >>>>  >To unsubscribe, email 'majordomo at open.com.au' with
>>  >>>>  >'unsubscribe radiator' in the body of the message.
>>  >>>>
>>  >>>>  --
>>  >>>>
>>  >>>>  NB: I am travelling this week, so there may be delays in our
>>  >>>> correspondence.
>>  >>>>
>>  >>>>  Radiator: the most portable, flexible and configurable RADIUS server
>>  >>>>  anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
>>  >>>>  Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc.
>>  >>>>  Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X.
>>  >
>>  >--
>>  >Mike McCauley                             mikem at open.com.au
>>  >Open System Consultants Pty. Ltd          Unix, Perl, Motif, C++, WWW
>>  >24 Bateman St Hampton, VIC 3188 Australia http://www.open.com.au
>>  >Phone +61 3 9598-0985                     Fax   +61 3 9598-0955
>>  >
>>  >Radiator: the most portable, flexible and configurable RADIUS server
>>  >anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
>>  >Platypus, Freeside, TACACS+, PAM, external, Active Directory etc etc
>>  >on Unix, Win95/8, 2000, NT, MacOS 9, MacOS X
>>
>>  --
>>
>>  NB: I am travelling this week, so there may be delays in our correspondence.
>>
>>  Radiator: the most portable, flexible and configurable RADIUS server
>>  anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
>>  Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc.
>>  Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X.
>>
>
>
>===
>Archive at http://www.open.com.au/archives/radiator/
>Announcements on radiator-announce at open.com.au
>To unsubscribe, email 'majordomo at open.com.au' with
>'unsubscribe radiator' in the body of the message.

-- 

NB: I am travelling this week, so there may be delays in our correspondence.

Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc.
Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list