Fwd: (RADIATOR) Password length

Mike McCauley mikem at open.com.au
Thu Apr 4 15:20:38 CST 2002


Hi Tony,

Unfortunately, the default behaviour of ClientListSQL does not include 
UseOldAscendPasswords.
I think the only way forward for you is to modify the ClientListSQL.pm code.

Cheers.

On Fri, 5 Apr 2002 01:11, Tony Bunce wrote:
> How do I use UseOldAscendPasswords with ClientListSQL?
>
> Here is part of my conf:
> <ClientListSQL>
>                 DBSource DBI:Sybase:database=XXXXXXX;server=XXXXXX
>                 DBUsername XXXXXXX
>                 DBAuth XXXXXXXX
>                 GetClientQuery select
> NASIDENTIFIER,SECRET,IGNOREACCTSIGNATURE,DUPINTERVAL,DEFAULTREALM,NASTYP
> E,SNMPCOMMUNITY,LIVINGSTONHOLE,FRAMEDGROUPBASEADDRESS,FRAMEDGROUPMAXPORT
> SPERCLASSC,REWRITEUSERNAME,NOIGNOREDUPLICATES,PREHANDLERHOOK from
> NASClients
> </ClientListSQL>
>
> Thanks,
> Tony B, CCNA, Network+
> Systems Administration
> GO Concepts, Inc. / www.go-concepts.com
> Are you on the GO yet?
> What about those you know, are they on the GO?
> 513.934.2800
> 1.888.ON.GO.YET
>
>
> -----Original Message-----
> From: Mike McCauley [mailto:mikem at open.com.au]
> Sent: Thursday, April 04, 2002 12:44 AM
> To: Tony Bunce
> Cc: radiator at open.com.au
> Subject: Re: Fwd: (RADIATOR) Password length
>
> Hi Tony,
>
> On Thu, 4 Apr 2002 14:14, Tony Bunce wrote:
> > Thanks for the help.
> >
> > What will the UseOldAscendPasswords do to passwords under 16
>
> characters?
>
> No effect.
>
> > I would try it right now but I'm currently dialed up and not at the
> > office so if I break anything I wouldn't be able to fix it.
>
> OK, let us know how you go.
> What sort of NASs do you have?
>
> Cheers.
>
> > Thanks,
> > Tony
> >
> > -----Original Message-----
> > From: Mike McCauley [mailto:mikem at open.com.au]
> > Sent: Wednesday, April 03, 2002 7:53 PM
> > To: Tony.B" <tonyb at go-concepts.com>"@oscar.open.com.au
> > Cc: radiator at open.com.au
> > Subject: Re: Fwd: (RADIATOR) Password length
> >
> > Hello Tony,
> >
> > > ----------  Forwarded Message  ----------
> > >
> > > Subject: (RADIATOR) Password length
> > > Date: Wed, 3 Apr 2002 14:02:08 -0500
> > > From: "Tony B" <tonyb at go-concepts.com>
> > > To: <radiator at open.com.au>
> > >
> > > Hello,
> > >
> > >             We have been testing radiator for a while now and just
> >
> > moved
> >
> > > it to our live environment.  The transaction was very smooth except
> >
> > for
> >
> > > two things.
> > >
> > > Does radiator limit the size of the password that the user is aloud
>
> to
>
> > > use?  We have one customer that has a 22 character password and we
>
> are
>
> > > unable to get radiator to let the user connect.  We can reproduce
>
> the
>
> > > error.  We are using AuthBy SQL and when I run the sql command it
> > > returns the correct value.  I can authenticate from the command line
> > > using radpwtst.  I want to blame it on the NAS but the user was able
> >
> > to
> >
> > > connect fine with our old radius server. I turned on password
>
> logging
>
> > > and it looks like it is not decrypting the password correctly.
>
> Below
>
> > is
> >
> > > the line from the password log (the actual password is half xed
>
> out).
>
> > Some NASs (in particular, old Ascends) implement a broken encryption
>
> for
>
> > passwords longer than 16 chars. There is a per client parameter that
>
> you
>
> > can
> > enable to work around this. See UseOldAscendPasswords in the ref
>
> manual.
>
> > If that does not fix the problem, please send to me (privately) a
>
> level
>
> > 5
> > dump of the incoming request, along with the type/model of your NAS,
>
> the
>
> > correct passwrod and your shared secret.
> >
> > Cheers.
> >
> > ....
> >
> > > Thanks,
> > > Tony B, CCNA, Network+
> > > Systems Administration
> > > GO Concepts, Inc. / www.go-concepts.com
> > > Are you on the GO yet?
> > > What about those you know, are they on the GO?
> > > 513.934.2800
> > > 1.888.ON.GO.YET
> > >
> > > -------------------------------------------------------

-- 
Mike McCauley                               mikem at open.com.au
Open System Consultants Pty. Ltd            Unix, Perl, Motif, C++, WWW
24 Bateman St Hampton, VIC 3188 Australia   http://www.open.com.au
Phone +61 3 9598-0985                       Fax   +61 3 9598-0955

Radiator: the most portable, flexible and configurable RADIUS server 
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, 
Platypus, Freeside, TACACS+, PAM, external, Active Directory etc etc 
on Unix, Win95/8, 2000, NT, MacOS 9, MacOS X etc etc
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list