Fwd: (RADIATOR) Password length

Mike McCauley mikem at open.com.au
Wed Apr 3 23:44:24 CST 2002


Hi Tony,

On Thu, 4 Apr 2002 14:14, Tony Bunce wrote:
> Thanks for the help.
>
> What will the UseOldAscendPasswords do to passwords under 16 characters?

No effect.

>
> I would try it right now but I'm currently dialed up and not at the
> office so if I break anything I wouldn't be able to fix it.

OK, let us know how you go.
What sort of NASs do you have?

Cheers.

>
> Thanks,
> Tony
>
> -----Original Message-----
> From: Mike McCauley [mailto:mikem at open.com.au]
> Sent: Wednesday, April 03, 2002 7:53 PM
> To: Tony.B" <tonyb at go-concepts.com>"@oscar.open.com.au
> Cc: radiator at open.com.au
> Subject: Re: Fwd: (RADIATOR) Password length
>
> Hello Tony,
>
> > ----------  Forwarded Message  ----------
> >
> > Subject: (RADIATOR) Password length
> > Date: Wed, 3 Apr 2002 14:02:08 -0500
> > From: "Tony B" <tonyb at go-concepts.com>
> > To: <radiator at open.com.au>
> >
> > Hello,
> >
> >             We have been testing radiator for a while now and just
>
> moved
>
> > it to our live environment.  The transaction was very smooth except
>
> for
>
> > two things.
> >
> > Does radiator limit the size of the password that the user is aloud to
> > use?  We have one customer that has a 22 character password and we are
> > unable to get radiator to let the user connect.  We can reproduce the
> > error.  We are using AuthBy SQL and when I run the sql command it
> > returns the correct value.  I can authenticate from the command line
> > using radpwtst.  I want to blame it on the NAS but the user was able
>
> to
>
> > connect fine with our old radius server. I turned on password logging
> > and it looks like it is not decrypting the password correctly.  Below
>
> is
>
> > the line from the password log (the actual password is half xed out).
>
> Some NASs (in particular, old Ascends) implement a broken encryption for
>
> passwords longer than 16 chars. There is a per client parameter that you
> can
> enable to work around this. See UseOldAscendPasswords in the ref manual.
>
> If that does not fix the problem, please send to me (privately) a level
> 5
> dump of the incoming request, along with the type/model of your NAS, the
>
> correct passwrod and your shared secret.
>
> Cheers.
>
> ....
>
> > Thanks,
> > Tony B, CCNA, Network+
> > Systems Administration
> > GO Concepts, Inc. / www.go-concepts.com
> > Are you on the GO yet?
> > What about those you know, are they on the GO?
> > 513.934.2800
> > 1.888.ON.GO.YET
> >
> > -------------------------------------------------------

-- 
Mike McCauley                               mikem at open.com.au
Open System Consultants Pty. Ltd            Unix, Perl, Motif, C++, WWW
24 Bateman St Hampton, VIC 3188 Australia   http://www.open.com.au
Phone +61 3 9598-0985                       Fax   +61 3 9598-0955

Radiator: the most portable, flexible and configurable RADIUS server 
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, 
Platypus, Freeside, TACACS+, PAM, external, Active Directory etc etc 
on Unix, Win95/8, 2000, NT, MacOS 9, MacOS X etc etc
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list