Fwd: (RADIATOR) Password length

[Tony Bunce]

Thanks for the help.

What will the UseOldAscendPasswords do to passwords under 16 characters?

I would try it right now but I'm currently dialed up and not at the
office so if I break anything I wouldn't be able to fix it.

Thanks,
Tony

-----Original Message-----
From: Mike McCauley [mailto:mikem at open.com.au] 
Sent: Wednesday, April 03, 2002 7:53 PM
To: Tony.B" <tonyb at go-concepts.com>"@oscar.open.com.au
Cc: radiator at open.com.au
Subject: Re: Fwd: (RADIATOR) Password length

Hello Tony,

> ----------  Forwarded Message  ----------
>
> Subject: (RADIATOR) Password length
> Date: Wed, 3 Apr 2002 14:02:08 -0500
> From: "Tony B" <tonyb at go-concepts.com>
> To: <radiator at open.com.au>
>
> Hello,
>
>             We have been testing radiator for a while now and just
moved
> it to our live environment.  The transaction was very smooth except
for
> two things.
>
> Does radiator limit the size of the password that the user is aloud to
> use?  We have one customer that has a 22 character password and we are
> unable to get radiator to let the user connect.  We can reproduce the
> error.  We are using AuthBy SQL and when I run the sql command it
> returns the correct value.  I can authenticate from the command line
> using radpwtst.  I want to blame it on the NAS but the user was able
to
> connect fine with our old radius server. I turned on password logging
> and it looks like it is not decrypting the password correctly.  Below
is
> the line from the password log (the actual password is half xed out).

Some NASs (in particular, old Ascends) implement a broken encryption for

passwords longer than 16 chars. There is a per client parameter that you
can 
enable to work around this. See UseOldAscendPasswords in the ref manual.

If that does not fix the problem, please send to me (privately) a level
5 
dump of the incoming request, along with the type/model of your NAS, the

correct passwrod and your shared secret.

Cheers.

....

> Thanks,
> Tony B, CCNA, Network+
> Systems Administration
> GO Concepts, Inc. / www.go-concepts.com
> Are you on the GO yet?
> What about those you know, are they on the GO?
> 513.934.2800
> 1.888.ON.GO.YET
>
> -------------------------------------------------------

-- 
Mike McCauley                               mikem at open.com.au
Open System Consultants Pty. Ltd            Unix, Perl, Motif, C++, WWW
24 Bateman St Hampton, VIC 3188 Australia   http://www.open.com.au
Phone +61 3 9598-0985                       Fax   +61 3 9598-0955

Radiator: the most portable, flexible and configurable RADIUS server 
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, 
Platypus, Freeside, TACACS+, PAM, external, Active Directory etc etc 
on Unix, Win95/8, 2000, NT, MacOS 9, MacOS X etc etc

===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.