(RADIATOR) Bad Encrypted Password
User BALGAA System Engineer
balgaa at publica.ub.mng.net
Thu Nov 8 05:19:33 CST 2001
Hi Mike/Hugh,
Thank you very much, it is working great.
I glad to use Radiator in our production system.
Balgaa
On Thu, 8 Nov 2001, Hugh Irvine wrote:
>
> Hello Balgaa -
>
> You will have to include the shared secret on the command line:
>
> #perl radpwtst -user stac -password coulthard -secret .....
>
> You can use "radpwtst -h" to see all the options.
>
> regards
>
> Hugh
>
>
> At 17:31 +0800 01/11/8, User BALGAA System Engineer wrote:
> >Hi Hugh/Mike,
> >
> >I am using radpwtst like following same machine Radiator-2.19 working:
> >
> >#perl radpwtst -user monnis -password mn2001$
> >#perl radpwtst -user stac -password coulthard
> >
> >Is it correct test?
> >
> >Thank you,
> >Balgaa
> >
> >On Wed, 7 Nov 2001, Hugh Irvine wrote:
> >
> >>>From: Mike McCauley <mikem at open.com.au>
> >>>Organization: Open System Consultants
> >>>To: Hugh Irvine <hugh at open.com.au>
> >>>Subject: Re: Fwd: Re: (RADIATOR) Bad Encrypted Password
> >>>Date: Wed, 7 Nov 2001 07:38:20 +1100
> >>>
> >>>Hello,
> >>>
> >>>I Think the problem here is that the shared secret is wrong, causing the
> >>>entered password to be decrypted incorrectly.
> >>>
> >>>IN this line:
> >>>
> >>>>>monnis:X<D0>6WEZ<A0>^L<C1><BE><A7><F9>^W'ESC<E2>:$1$WbrWniz2$jn/eshVREmXyE
> >>>>>SpbqV6691:FAIL
> >>>
> >>>
> >>>X<D0>6WEZ<A0>^L<C1><BE><A7><F9>^W'ESC<E2
> >>>is the entered password after decoding
> >>>and
> >>>1$WbrWniz2$jn/eshVREm
> >>>is the MD5 encrypted correct password.
> >>>
> >>>Sugget you check your Secret
> >>>
> >>>Cheers.,
> >>>
> >>>On Tue, 6 Nov 2001 20:28, Hugh Irvine wrote:
> >>>>Mikey -
> >>>>
> >>>>Could you take a look at this please?
> >>>>
> >>>>ta
> >>>>
> >>>>Hugh
> >>>>
> >>>>> >Received: from publica.ub.mng.net (publica.ub.mng.net [202.179.0.80])
> >>>>>
> >>>>> by server1.open.com.au (8.11.0/8.11.0) with ESMTP id fA5NVW327184;
> >>>>> Mon, 5 Nov 2001 17:31:33 -0600
> >>>>>X-Authentication-Warning: publica.ub.mng.net: balgaa owned process doing
> >>>>> -bs Date: Tue, 6 Nov 2001 10:06:11 +0800 (ULAT)
> >>>>
> >>>> From: User BALGAA System Engineer <balgaa at publica.ub.mng.net>
> >>>>
> >>>>>To: Hugh Irvine <hugh at open.com.au>
> >>>>>cc: <radiator at open.com.au>
> >>>>>Subject: Re: (RADIATOR) Bad Encrypted Password
> >>>>>
> >>>>>Hello,
> >>>>>
> >>>>>Yes, I have changed result is same.
> >>>>>
> >>>>>Logfile:
> >>>>>Tue Nov 6 09:14:20 2001: DEBUG: Packet dump:
> >>>>>*** Received from 127.0.0.1 port 3841 ....
> >>>>>Code: Access-Request
> >>>>>Identifier: 200
> >>>>>Authentic: 1234567890123456
> >>>>>Attributes:
> >>>>> User-Name = "monnis"
> >>>>> Service-Type = Framed-User
> >>>>> NAS-IP-Address = 203.63.154.1
> >>>>> NAS-Port = 1234
> >>>>> Called-Station-Id = "123456789"
> >>>>> Calling-Station-Id = "987654321"
> >>>>> NAS-Port-Type = Async
> >>>>> User-Password = "<148><229>m<157><159>m
> >>>>><246><188>8<9><160><216>}x<153>"
> >>>>>
> >>>>>Tue Nov 6 09:14:20 2001: DEBUG: Handling request with Handler
> >> >>>'Realm=DEFAULT'
> >> >>>Tue Nov 6 09:14:20 2001: DEBUG: Deleting session for monnis,
> >> >>>203.63.154.1, 1234
> >> >>>Tue Nov 6 09:14:20 2001: DEBUG: Handling with Radius::AuthFILE:
> >>>>>Tue Nov 6 09:14:20 2001: DEBUG: Reading users file ./mtc.users
> >>>>>Tue Nov 6 09:14:20 2001: DEBUG: Radius::AuthFILE looks for match with
> >>>>>monnis
> >>>>>Tue Nov 6 09:14:20 2001: DEBUG: Radius::AuthFILE REJECT: Bad Encrypted
> >>>>>password
> >>>>>Tue Nov 6 09:14:20 2001: DEBUG: Reading users file ./mtc.users
> >>>>>Tue Nov 6 09:14:20 2001: INFO: Access rejected for monnis: Bad Encrypted
> >>>>>password
> >>>>>Tue Nov 6 09:14:20 2001: DEBUG: Packet dump:
> >>>>>*** Sending to 127.0.0.1 port 3841 ....
> >>>>>Code: Access-Reject
> >>>>>Identifier: 200
> >>>>>Authentic: 1234567890123456
> >>>>>Attributes:
> >>>>> Reply-Message = "Request Denied"
> >>>>>
> >>>>>Publicb.log:
> >>>>>Tue Nov 6 09:14:20 2001:1005009260:
> >>>>>monnis:X<D0>6WEZ<A0>^L<C1><BE><A7><F9>^W'ESC<E2>:$1$WbrWniz2$jn/eshVREmXyE
> >>>>>SpbqV6691:FAIL ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> >>>>>I don't know why there is different result.
> >>>>>
> >>>>>How can I to fix it?
> >>>>>
> >>>>>Thank you,
> >>>>>Balgaa
> >>>>>
> >>>>>On Mon, 5 Nov 2001, Hugh Irvine wrote:
> >>>>>> Hello Balgaa -
> >>>>>>
> >>>>>> It looks to me like the string here is wrong.
> >> >>>>
> >>>>>> monnisEncrypted-Password = ":$1$WbrWniz2$jn/eshVREmXyESpbqV6691",
> >>>>>>
> >>>>>> the leading ":" should probably not be there - the password should
> >>>>>> start with "$1$.....". Try this as the $1$ prefix is recognised
> >>>>>> automatically:
> >>>>>>
> >>>>>> monnisPassword = "$1$WbrWniz2$jn/eshVREmXyESpbqV6691"
> >>>>>>
> >>>>>> regards
> >>>>>>
> >>>>>> Hugh
> >>>>>>
> >>>>>> At 15:31 +0800 01/11/5, User BALGAA System Engineer wrote:
> >>>>>> >Hi Hugh,
> >>>>>> >
> >>>>>> >I have installed Radiator-2.19 on the PC w/FreeBSD-4.4-STABLE.
> >>>>>> >I finish installation and configuration successfully. I
> >>have installed
> >>>>>> >Digest::MD5-2.17.
> >>>>>> >
> >>>>>> >After configuration I can't to authenticate Radiator server.
> >>>>>> >I got following error:
> >>>>>> >Sat Nov3 17:18:00 2001: INFO: Server started: Radiator 2.19 on
> >>>> >> >xxx.xxx.xxx.xxx
> >>>>>> >Sat Nov3 17:18:03 2001: DEBUG: Packet dump:
> >>>>>> >*** Received from 127.0.0.1 port 1678 ....
> >>>>>>>Code: Access-Request
> >>>>>> >Identifier: 33
> >>>>>> >Authentic:1234567890123456
> >>>>>> >Attributes:
> >>>>>> > User-Name = "monnis"
> >>>>>> > Service-Type = Framed-User
> >>>>>> > NAS-IP-Address = 203.63.154.1
> >>>>>> > NAS-Port = 1234
> >>>>>> > Called-Station-Id = "123456789"
> >>>>>> > Calling-Station-Id = "987654321"
> >>>>>> > NAS-Port-Type = Async
> >>>>>> > User-Password =
> >>>>>> >"<148><229>m<157><159>m<246><188>8<9><160><216>}x<153>"
> >>>>>> >
> >>>>>> >Sat Nov3 17:18:03 2001: DEBUG: Handling request with Handler
> >>>>>>
> >>>>>>'Realm=DEFAULT'
> >>>>>>
> >>>>>> >Sat Nov3 17:18:03 2001: DEBUG:Deleting session for monnis,
> >>>>>> >203.63.154.1, 1234
> >>>>>> >Sat Nov3 17:18:03 2001: DEBUG: Handling with Radius::AuthFILE:
> >>>>>> >Sat Nov3 17:18:03 2001: DEBUG: Reading users file ./mtc.users
> >>>>>> >Sat Nov3 17:18:03 2001: DEBUG: Radius::AuthFILE looks for match with
> >>>>>> > monnis Sat Nov3 17:18:03 2001: DEBUG: Radius::AuthFILE REJECT: Bad
> >>>>>> >Encrypted password
> >>>>>> >
> >>>>> > >Sat Nov3 17:18:03 2001: DEBUG: Reading users file ./mtc.users
> >>>>>> >
> >>>>>>>Sat Nov3 17:18:03 2001: INFO: Access rejected for monnis: Bad
> >>>>>> >Encrypted password
> >>>>>> >Sat Nov3 17:18:03 2001: DEBUG: Packet dump:
> >>>>>> >*** Sending to 127.0.0.1 port 1678 ....
> >>>>>> >Code: Access-Reject
> >>>>>> >Identifier: 33
> >>>>>> >Authentic:1234567890123456
> >>>>>> >Attributes:
> >>>>>> > Reply-Message = "Request Denied"
> >>>>>> >
> >>>>>> >
> >>>>>> >Radiator config file:
> >>>>>> >Foreground
> >>>>>> >#LogStdout
> >>>>>> >LogDir .
> >>>>>> >LogFile %L/logfile
> >>>>>> >DbDir .
> >>>>>> ># User a lower trace level in production systems:
> >>>>>> >Trace 4
> >>>>>> >
> >>>>>> ># You will probably want to add other Clients to suit your site,
> >>>>>> ># one for each NAS you want to work with
> >>>>>>><Client xxx.xxx.xxx.xxx>
> >>>>>> > Secret xxxxx
> >>>>>> > DupInterval 15
> >>>>>> ></Client>
> >>>>>> >
> >>>>>> ><Client 127.0.0.1>
> >>>>>> > Secret xxxxx
> >>>>>> > DupInterval 15
> >>>>>> ></Client>
> >>>>>>><Realm DEFAULT>
> >>>>>> > PasswordLogFileName %L/publicb.log
> >>>>>> > <AuthBy FILE>
> >>>>>> > # Set UseGetspnamf to get more details
> >>>>>> > # like expiry dates etc
> >>>>>> > # Requires the shadowf module from
> >>>>>> > # ftp://ftp.eur.nl/pub/homebrew/Shadow-0.01.tar.gz
> >>>>>> > #UseGetspnamf
> >>>>>> > Nocache
> >>>>>> > Filename %D/mtc.users
> >>>>>> > </AuthBy>
> >>>>>> ></Realm>
> >>>>>> >
> >>>>>> >
> >>>>>> >mtc.users file:
> >>>>>> >stac User-Password = "coulthard", Simultaneous-Use = 1
> >>>>>> > Framed-Protocol = PPP,
> >>>>>> > Service-Type = Framed-User,
> >>>>>>> Framed-MTU = 1500,
> >>>>>> > Framed-Compression = Van-Jacobson-TCP-IP
> >>>>>> >
> >>>>>> >monnisEncrypted-Password = ":$1$WbrWniz2$jn/eshVREmXyESpbqV6691",
> >>>>>> >Simultaneous-Use = 1
> >>>>>> > Framed-Protocol = PPP,
> >>>>>> > Service-Type = Framed-User,
> >>>> >>> Framed-MTU = 1500,
> >> >>>> > Framed-Compression = Van-Jacobson-TCP-IP
> >>>>>> >
> >>>>>> >I checked both account, but can't to authenticate.
> >>>>>> >
> >>>>>> >publicb.log file:
> >>>>>> >Sat Nov3 17:27:40
> >>>>>> >2001:1004779660:monnis:X<D0>6WEZ<A0>^L<C1><BE><A7><F9>^W'ESC
> >>>>>> ><E2>:$1$WbrWniz2$jn/eshVREmXyESpbqV6691:FAIL
> >>>>>> >Sat Nov3 17:31:12
> >>>>>> >2001:1004779872:stac:V<D1>q^K^A^C<E5>~<A5><BE><A7><F9>^W'ESC
> >>>>>> ><E2>:PxWNlVCZmSTj6:FAIL
> >>>>>> >Sat Nov3 17:32:41
> >>>>>> >2001:1004779961:stac:V<D1>q^K^A^C<E5>~<A5><BE><A7><F9>^W'ESC
> >>>>>> ><E2>:coulthard:FAIL
> >>>>>> >Sat Nov3 17:34:12
> >>>>>> >2001:1004780052:stac:V<D1>q^K^A^C<E5>~<A5><BE><A7><F9>^W'ESC
> >>>>>> ><E2>:coulthard:FAIL
> >>>>>> >Sat Nov3 17:34:53
> >>>>>> >2001:1004780093:stac:V<D1>q^K^A^C<E5>~<A5><BE><A7><F9>^W'ESC
> >>>>>> ><E2>:coulthard:FAIL
> >>>>>> >
> >>>>>> >Could you send me suggestion how to solve it?
> >>>>>> >I think something wrong with Radiator or MD5?
> >>>>>> >
> >>>>>> >
> >>>>>> >Thank you,
> >>>>>> >Balgaa
> >>>>>> >
> >>>>>> >===
> >>>>>> >Archive at http://www.open.com.au/archives/radiator/
> >>>> >> >Announcements on radiator-announce at open.com.au
> >>>>>> >To unsubscribe, email 'majordomo at open.com.au' with
> >>>>>> >'unsubscribe radiator' in the body of the message.
> >>>>>>
> >>>>>> --
> >>>>>>
> >>>>>> NB: I am travelling this week, so there may be delays in our
> >>>>>> correspondence.
> >>>>>>
> >>>>>> Radiator: the most portable, flexible and configurable RADIUS server
> >>>>>> anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
> >>>>>> Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc.
> >>>>>> Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X.
> >>>
> >>>--
> >>>Mike McCauley mikem at open.com.au
> >>>Open System Consultants Pty. Ltd Unix, Perl, Motif, C++, WWW
> >>>24 Bateman St Hampton, VIC 3188 Australia http://www.open.com.au
> >>>Phone +61 3 9598-0985 Fax +61 3 9598-0955
> >>>
> >>>Radiator: the most portable, flexible and configurable RADIUS server
> >>>anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
> >>>Platypus, Freeside, TACACS+, PAM, external, Active Directory etc etc
> >>>on Unix, Win95/8, 2000, NT, MacOS 9, MacOS X
> >>
> >>--
> >>
> >>NB: I am travelling this week, so there may be delays in our correspondence.
> >>
> >>Radiator: the most portable, flexible and configurable RADIUS server
> >>anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
> >>Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc.
> >>Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X.
> >>
> >
> >
> >===
> >Archive at http://www.open.com.au/archives/radiator/
> >Announcements on radiator-announce at open.com.au
> >To unsubscribe, email 'majordomo at open.com.au' with
> >'unsubscribe radiator' in the body of the message.
>
> --
>
> NB: I am travelling this week, so there may be delays in our correspondence.
>
> Radiator: the most portable, flexible and configurable RADIUS server
> anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
> Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc.
> Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X.
>
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list