(RADIATOR) Bad attribute=value pair

Wed Jul 2 03:46:14 CDT 2003

It's a very simple one:

########    IW   /etc/radius/users     ############
testUser at pt UserPassword = 1234567890

###################################################

Francisco 

-----Original Message-----
From: Hugh Irvine [mailto:hugh at open.com.au] 
Sent: quarta-feira, 2 de Julho de 2003 0:48
To: Francisco Contreiras
Cc: radiator at open.com.au
Subject: Re: (RADIATOR) Bad attribute=value pair

Hello Francisco -

Could you send me a copy of the user record? I suspect a problem 
therein.

regards

Hugh

On Wednesday, Jul 2, 2003, at 04:03 Australia/Melbourne, Francisco 
Contreiras wrote:

> I have Radiator configured and working for PEAP-MSCHAP e EAP-TTLS. I 
> can establish the connection for both EAP types.
>
> Using a 3 level trace I allways get this error: "Tue Jul  1 19:43:08 
> 2003: ERR: Bad attribute=value pair: 1234567890" where the 1234567890 
> is the user password. I'm using a text based DB with clear text 
> passwords.
>
> Why this happens?
>
> Thank you
>
> Francisco Contreiras
>
> ######## LOG #################
> "
> [root at cuco Radiator-Demo-3.6]# perl radiusd -foreground -log_stdout 
> -trace 3 -config_file /etc/radius/radius.cfg
> Tue Jul  1 19:42:47 2003: DEBUG: Reading users file /etc/radius/users
> Tue Jul  1 19:42:47 2003: DEBUG: Reading users file /etc/radius/users
> Tue Jul  1 19:42:47 2003: DEBUG: Reading users file /etc/radius/users
> Tue Jul  1 19:42:47 2003: DEBUG: Finished reading configuration file 
> '/etc/radius/radius.cfg'
> This Radiator license will expire on 2003-10-01
> This Radiator license will stop operating after 1000 requests
> To purchase an unlimited full source version of Radiator, see
> http://www.open.com.au/ordering.html
> To extend your evaluation period, contact admin at open.com.au
> Tue Jul  1 19:42:48 2003: NOTICE: Server started: Radiator 3.6 on 
> cuco.lx.it.pt (EVALUATION)
> Tue Jul  1 19:43:02 2003: INFO: EAP Nak desires type 21
> Tue Jul  1 19:43:08 2003: ERR: Bad attribute=value pair: 1234567890
> "
>
> ########## Config file ##########
> AuthPort                1812
> AcctPort                1813
> LogDir                  /var/log/radius
> DbDir                   /etc/radius
> DictionaryFile          %D/dictionary,%D/dictionary.ascend
> PidFile                 /var/run/radiusd.pid
> Trace                   4
>
> <Client 192.168.0.253>
>         Secret ######
> </Client>
> #Pedidos "internos", vindos de um tu'nel PEAP
> <Handler TunnelledByPEAP=1>
>         <AuthBy FILE>
>                 Filename /etc/radius/users
>                 EAPType MSCHAP-V2
>         </AuthBy>
> </Handler>
> #Pedidos internos enviados por tu'nel TTLS
> <Handler TunnelledByTTLS=1>
>         <AuthBy FILE>
>                 Filename /etc/radius/users
>                 EAPType PAP
>                 # TLS requere a config abaixo
>                 EAPTLS_CAFile 
> /root/Radiator-Demo-3.6/certificates/demoCA/cacert.pem
>                 EAPTLS_CertificateFile 
> /root/Radiator-Demo-3.6/certificates/cert-srv.pem
>                 EAPTLS_CertificateType PEM
>                 EAPTLS_PrivateKeyFile 
> /root/Radiator-Demo-3.6/certificates/cert-srv.pem
>                 EAPTLS_PrivateKeyPassword whatever
>         </AuthBy>
> </Handler>
>
> <Handler Realm = pt>
>         <AuthBy FILE>
>                 Filename                        /etc/radius/users
>                                                                 #Para 
> ja' permite PEAP, TTLS
>                                                                 # 
> adicionar outras variantes de EAP aqui
>                 EAPType                         PEAP, TTLS
>                                                                 #Caso 
> se use TLS:
>                                                                 
> #certificados sao gerados atrave's do sc
>                                                                 
> #mkcertificate.sh, em goodies/
>                 EAPTLS_CAFile 
> /root/Radiator-Demo-3.6/certificates/demoCA/cacert.pem
>                 EAPTLS_CertificateFile 
> /root/Radiator-Demo-3.6/certificates/cert-srv.pem
>                 EAPTLS_CertificateType          PEM
>                 EAPTLS_PrivateKeyFile 
> /root/Radiator-Demo-3.6/certificates/cert-srv.pem
>                 EAPTLS_PrivateKeyPassword       whatever
>                 EAPTLS_MaxFragmentSize          1024
>                 AutoMPPEKeys
>                 SSLeayTrace                     4
>  </AuthBy>
> </Handler>
>
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
>
>

NB: have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.

===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.