Fwd: (RADIATOR) Password length

Mike McCauley mikem at open.com.au
Wed Apr 3 18:52:59 CST 2002 

Hello Tony,


> ----------  Forwarded Message  ----------
>
> Subject: (RADIATOR) Password length
> Date: Wed, 3 Apr 2002 14:02:08 -0500
> From: "Tony B" <tonyb at go-concepts.com>
> To: <radiator at open.com.au>
>
> Hello,
>
>             We have been testing radiator for a while now and just moved
> it to our live environment.  The transaction was very smooth except for
> two things.
>
> Does radiator limit the size of the password that the user is aloud to
> use?  We have one customer that has a 22 character password and we are
> unable to get radiator to let the user connect.  We can reproduce the
> error.  We are using AuthBy SQL and when I run the sql command it
> returns the correct value.  I can authenticate from the command line
> using radpwtst.  I want to blame it on the NAS but the user was able to
> connect fine with our old radius server. I turned on password logging
> and it looks like it is not decrypting the password correctly.  Below is
> the line from the password log (the actual password is half xed out).

Some NASs (in particular, old Ascends) implement a broken encryption for 
passwords longer than 16 chars. There is a per client parameter that you can 
enable to work around this. See UseOldAscendPasswords in the ref manual.

If that does not fix the problem, please send to me (privately) a level 5 
dump of the incoming request, along with the type/model of your NAS, the 
correct passwrod and your shared secret.

Cheers.

....

> Thanks,
> Tony B, CCNA, Network+
> Systems Administration
> GO Concepts, Inc. / www.go-concepts.com
> Are you on the GO yet?
> What about those you know, are they on the GO?
> 513.934.2800
> 1.888.ON.GO.YET
>
> -------------------------------------------------------

-- 
Mike McCauley                               mikem at open.com.au
Open System Consultants Pty. Ltd            Unix, Perl, Motif, C++, WWW
24 Bateman St Hampton, VIC 3188 Australia   http://www.open.com.au
Phone +61 3 9598-0985                       Fax   +61 3 9598-0955

Radiator: the most portable, flexible and configurable RADIUS server 
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, 
Platypus, Freeside, TACACS+, PAM, external, Active Directory etc etc 
on Unix, Win95/8, 2000, NT, MacOS 9, MacOS X etc etc
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list