(RADIATOR) Bad Encrypted Password
Hugh Irvine
hugh at open.com.au
Wed Nov 7 19:24:39 CST 2001
Hello Balgaa -
You will have to include the shared secret on the command line:
#perl radpwtst -user stac -password coulthard -secret .....
You can use "radpwtst -h" to see all the options.
regards
Hugh
At 17:31 +0800 01/11/8, User BALGAA System Engineer wrote:
>Hi Hugh/Mike,
>
>I am using radpwtst like following same machine Radiator-2.19 working:
>
>#perl radpwtst -user monnis -password mn2001$
>#perl radpwtst -user stac -password coulthard
>
>Is it correct test?
>
>Thank you,
>Balgaa
>
>On Wed, 7 Nov 2001, Hugh Irvine wrote:
>
>> >From: Mike McCauley <mikem at open.com.au>
>> >Organization: Open System Consultants
>> >To: Hugh Irvine <hugh at open.com.au>
>> >Subject: Re: Fwd: Re: (RADIATOR) Bad Encrypted Password
>> >Date: Wed, 7 Nov 2001 07:38:20 +1100
>> >
>> >Hello,
>> >
>> >I Think the problem here is that the shared secret is wrong, causing the
>> >entered password to be decrypted incorrectly.
>> >
>> >IN this line:
>> >
>> >>>monnis:X<D0>6WEZ<A0>^L<C1><BE><A7><F9>^W'ESC<E2>:$1$WbrWniz2$jn/eshVREmXyE
>> >>>SpbqV6691:FAIL
>> >
>> >
>> >X<D0>6WEZ<A0>^L<C1><BE><A7><F9>^W'ESC<E2
>> >is the entered password after decoding
>> >and
>> >1$WbrWniz2$jn/eshVREm
>> >is the MD5 encrypted correct password.
>> >
>> >Sugget you check your Secret
>> >
>> >Cheers.,
>> >
>> >On Tue, 6 Nov 2001 20:28, Hugh Irvine wrote:
>> >>Mikey -
>> >>
>> >>Could you take a look at this please?
>> >>
>> >>ta
>> >>
>> >>Hugh
>> >>
>> >>> >Received: from publica.ub.mng.net (publica.ub.mng.net [202.179.0.80])
>> >>>
>> >>> by server1.open.com.au (8.11.0/8.11.0) with ESMTP id fA5NVW327184;
>> >>> Mon, 5 Nov 2001 17:31:33 -0600
>> >>>X-Authentication-Warning: publica.ub.mng.net: balgaa owned process doing
>> >>> -bs Date: Tue, 6 Nov 2001 10:06:11 +0800 (ULAT)
>> >>
>> >> From: User BALGAA System Engineer <balgaa at publica.ub.mng.net>
>> >>
>> >>>To: Hugh Irvine <hugh at open.com.au>
>> >>>cc: <radiator at open.com.au>
>> >>>Subject: Re: (RADIATOR) Bad Encrypted Password
>> >>>
>> >>>Hello,
>> >>>
>> >>>Yes, I have changed result is same.
>> >>>
>> >>>Logfile:
>> >>>Tue Nov 6 09:14:20 2001: DEBUG: Packet dump:
>> >>>*** Received from 127.0.0.1 port 3841 ....
>> >>>Code: Access-Request
>> >>>Identifier: 200
>> >>>Authentic: 1234567890123456
>> >>>Attributes:
>> >>> User-Name = "monnis"
>> >>> Service-Type = Framed-User
>> >>> NAS-IP-Address = 203.63.154.1
>> >>> NAS-Port = 1234
>> >>> Called-Station-Id = "123456789"
>> >>> Calling-Station-Id = "987654321"
>> >>> NAS-Port-Type = Async
>> >>> User-Password = "<148><229>m<157><159>m
>> >>><246><188>8<9><160><216>}x<153>"
>> >>>
>> >>>Tue Nov 6 09:14:20 2001: DEBUG: Handling request with Handler
> > >>>'Realm=DEFAULT'
> > >>>Tue Nov 6 09:14:20 2001: DEBUG: Deleting session for monnis,
> > >>>203.63.154.1, 1234
> > >>>Tue Nov 6 09:14:20 2001: DEBUG: Handling with Radius::AuthFILE:
>> >>>Tue Nov 6 09:14:20 2001: DEBUG: Reading users file ./mtc.users
>> >>>Tue Nov 6 09:14:20 2001: DEBUG: Radius::AuthFILE looks for match with
>> >>>monnis
>> >>>Tue Nov 6 09:14:20 2001: DEBUG: Radius::AuthFILE REJECT: Bad Encrypted
>> >>>password
>> >>>Tue Nov 6 09:14:20 2001: DEBUG: Reading users file ./mtc.users
>> >>>Tue Nov 6 09:14:20 2001: INFO: Access rejected for monnis: Bad Encrypted
>> >>>password
>> >>>Tue Nov 6 09:14:20 2001: DEBUG: Packet dump:
>> >>>*** Sending to 127.0.0.1 port 3841 ....
>> >>>Code: Access-Reject
>> >>>Identifier: 200
>> >>>Authentic: 1234567890123456
>> >>>Attributes:
>> >>> Reply-Message = "Request Denied"
>> >>>
>> >>>Publicb.log:
>> >>>Tue Nov 6 09:14:20 2001:1005009260:
>> >>>monnis:X<D0>6WEZ<A0>^L<C1><BE><A7><F9>^W'ESC<E2>:$1$WbrWniz2$jn/eshVREmXyE
>> >>>SpbqV6691:FAIL ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>> >>>I don't know why there is different result.
>> >>>
>> >>>How can I to fix it?
>> >>>
>> >>>Thank you,
>> >>>Balgaa
>> >>>
>> >>>On Mon, 5 Nov 2001, Hugh Irvine wrote:
>> >>>> Hello Balgaa -
>> >>>>
>> >>>> It looks to me like the string here is wrong.
> > >>>>
>> >>>> monnisEncrypted-Password = ":$1$WbrWniz2$jn/eshVREmXyESpbqV6691",
>> >>>>
>> >>>> the leading ":" should probably not be there - the password should
>> >>>> start with "$1$.....". Try this as the $1$ prefix is recognised
>> >>>> automatically:
>> >>>>
>> >>>> monnisPassword = "$1$WbrWniz2$jn/eshVREmXyESpbqV6691"
>> >>>>
>> >>>> regards
>> >>>>
>> >>>> Hugh
>> >>>>
>> >>>> At 15:31 +0800 01/11/5, User BALGAA System Engineer wrote:
>> >>>> >Hi Hugh,
>> >>>> >
>> >>>> >I have installed Radiator-2.19 on the PC w/FreeBSD-4.4-STABLE.
>> >>>> >I finish installation and configuration successfully. I
>>have installed
>> >>>> >Digest::MD5-2.17.
>> >>>> >
>> >>>> >After configuration I can't to authenticate Radiator server.
>> >>>> >I got following error:
>> >>>> >Sat Nov3 17:18:00 2001: INFO: Server started: Radiator 2.19 on
>> >> >> >xxx.xxx.xxx.xxx
>> >>>> >Sat Nov3 17:18:03 2001: DEBUG: Packet dump:
>> >>>> >*** Received from 127.0.0.1 port 1678 ....
>> >>>> >Code: Access-Request
>> >>>> >Identifier: 33
>> >>>> >Authentic:1234567890123456
>> >>>> >Attributes:
>> >>>> > User-Name = "monnis"
>> >>>> > Service-Type = Framed-User
>> >>>> > NAS-IP-Address = 203.63.154.1
>> >>>> > NAS-Port = 1234
>> >>>> > Called-Station-Id = "123456789"
>> >>>> > Calling-Station-Id = "987654321"
>> >>>> > NAS-Port-Type = Async
>> >>>> > User-Password =
>> >>>> >"<148><229>m<157><159>m<246><188>8<9><160><216>}x<153>"
>> >>>> >
>> >>>> >Sat Nov3 17:18:03 2001: DEBUG: Handling request with Handler
>> >>>>
>> >>>>'Realm=DEFAULT'
>> >>>>
>> >>>> >Sat Nov3 17:18:03 2001: DEBUG:Deleting session for monnis,
>> >>>> >203.63.154.1, 1234
>> >>>> >Sat Nov3 17:18:03 2001: DEBUG: Handling with Radius::AuthFILE:
>> >>>> >Sat Nov3 17:18:03 2001: DEBUG: Reading users file ./mtc.users
>> >>>> >Sat Nov3 17:18:03 2001: DEBUG: Radius::AuthFILE looks for match with
>> >>>> > monnis Sat Nov3 17:18:03 2001: DEBUG: Radius::AuthFILE REJECT: Bad
>> >>>> >Encrypted password
>> >>>> >
>> >>> > >Sat Nov3 17:18:03 2001: DEBUG: Reading users file ./mtc.users
>> >>>> >
>> >>>>>Sat Nov3 17:18:03 2001: INFO: Access rejected for monnis: Bad
>> >>>> >Encrypted password
>> >>>> >Sat Nov3 17:18:03 2001: DEBUG: Packet dump:
>> >>>> >*** Sending to 127.0.0.1 port 1678 ....
>> >>>> >Code: Access-Reject
>> >>>> >Identifier: 33
>> >>>> >Authentic:1234567890123456
>> >>>> >Attributes:
>> >>>> > Reply-Message = "Request Denied"
>> >>>> >
>> >>>> >
>> >>>> >Radiator config file:
>> >>>> >Foreground
>> >>>> >#LogStdout
>> >>>> >LogDir .
>> >>>> >LogFile %L/logfile
>> >>>> >DbDir .
>> >>>> ># User a lower trace level in production systems:
>> >>>> >Trace 4
>> >>>> >
>> >>>> ># You will probably want to add other Clients to suit your site,
>> >>>> ># one for each NAS you want to work with
>> >>>> ><Client xxx.xxx.xxx.xxx>
>> >>>> > Secret xxxxx
>> >>>> > DupInterval 15
>> >>>> ></Client>
>> >>>> >
>> >>>> ><Client 127.0.0.1>
>> >>>> > Secret xxxxx
>> >>>> > DupInterval 15
>> >>>> ></Client>
>> >>>> ><Realm DEFAULT>
>> >>>> > PasswordLogFileName %L/publicb.log
>> >>>> > <AuthBy FILE>
>> >>>> > # Set UseGetspnamf to get more details
>> >>>> > # like expiry dates etc
>> >>>> > # Requires the shadowf module from
>> >>>> > # ftp://ftp.eur.nl/pub/homebrew/Shadow-0.01.tar.gz
>> >>>> > #UseGetspnamf
>> >>>> > Nocache
>> >>>> > Filename %D/mtc.users
>> >>>> > </AuthBy>
>> >>>> ></Realm>
>> >>>> >
>> >>>> >
>> >>>> >mtc.users file:
>> >>>> >stac User-Password = "coulthard", Simultaneous-Use = 1
>> >>>> > Framed-Protocol = PPP,
>> >>>> > Service-Type = Framed-User,
>> >>>> > Framed-MTU = 1500,
>> >>>> > Framed-Compression = Van-Jacobson-TCP-IP
>> >>>> >
>> >>>> >monnisEncrypted-Password = ":$1$WbrWniz2$jn/eshVREmXyESpbqV6691",
>> >>>> >Simultaneous-Use = 1
>> >>>> > Framed-Protocol = PPP,
>> >>>> > Service-Type = Framed-User,
>> >> >>> Framed-MTU = 1500,
> > >>>> > Framed-Compression = Van-Jacobson-TCP-IP
>> >>>> >
>> >>>> >I checked both account, but can't to authenticate.
>> >>>> >
>> >>>> >publicb.log file:
>> >>>> >Sat Nov3 17:27:40
>> >>>> >2001:1004779660:monnis:X<D0>6WEZ<A0>^L<C1><BE><A7><F9>^W'ESC
>> >>>> ><E2>:$1$WbrWniz2$jn/eshVREmXyESpbqV6691:FAIL
>> >>>> >Sat Nov3 17:31:12
>> >>>> >2001:1004779872:stac:V<D1>q^K^A^C<E5>~<A5><BE><A7><F9>^W'ESC
>> >>>> ><E2>:PxWNlVCZmSTj6:FAIL
>> >>>> >Sat Nov3 17:32:41
>> >>>> >2001:1004779961:stac:V<D1>q^K^A^C<E5>~<A5><BE><A7><F9>^W'ESC
>> >>>> ><E2>:coulthard:FAIL
>> >>>> >Sat Nov3 17:34:12
>> >>>> >2001:1004780052:stac:V<D1>q^K^A^C<E5>~<A5><BE><A7><F9>^W'ESC
>> >>>> ><E2>:coulthard:FAIL
>> >>>> >Sat Nov3 17:34:53
>> >>>> >2001:1004780093:stac:V<D1>q^K^A^C<E5>~<A5><BE><A7><F9>^W'ESC
>> >>>> ><E2>:coulthard:FAIL
>> >>>> >
>> >>>> >Could you send me suggestion how to solve it?
>> >>>> >I think something wrong with Radiator or MD5?
>> >>>> >
>> >>>> >
>> >>>> >Thank you,
>> >>>> >Balgaa
>> >>>> >
>> >>>> >===
>> >>>> >Archive at http://www.open.com.au/archives/radiator/
>> >> >> >Announcements on radiator-announce at open.com.au
>> >>>> >To unsubscribe, email 'majordomo at open.com.au' with
>> >>>> >'unsubscribe radiator' in the body of the message.
>> >>>>
>> >>>> --
>> >>>>
>> >>>> NB: I am travelling this week, so there may be delays in our
>> >>>> correspondence.
>> >>>>
>> >>>> Radiator: the most portable, flexible and configurable RADIUS server
>> >>>> anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
>> >>>> Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc.
>> >>>> Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X.
>> >
>> >--
>> >Mike McCauley mikem at open.com.au
>> >Open System Consultants Pty. Ltd Unix, Perl, Motif, C++, WWW
>> >24 Bateman St Hampton, VIC 3188 Australia http://www.open.com.au
>> >Phone +61 3 9598-0985 Fax +61 3 9598-0955
>> >
>> >Radiator: the most portable, flexible and configurable RADIUS server
>> >anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
>> >Platypus, Freeside, TACACS+, PAM, external, Active Directory etc etc
>> >on Unix, Win95/8, 2000, NT, MacOS 9, MacOS X
>>
>> --
>>
>> NB: I am travelling this week, so there may be delays in our correspondence.
>>
>> Radiator: the most portable, flexible and configurable RADIUS server
>> anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
>> Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc.
>> Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X.
>>
>
>
>===
>Archive at http://www.open.com.au/archives/radiator/
>Announcements on radiator-announce at open.com.au
>To unsubscribe, email 'majordomo at open.com.au' with
>'unsubscribe radiator' in the body of the message.
--
NB: I am travelling this week, so there may be delays in our correspondence.
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc.
Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list