(RADIATOR) Re: What you recommend for cisco login?

Hugh Irvine hugh at open.com.au
Mon Nov 7 16:48:10 CST 2005 

Hello Sergei -

Have a look at the FAQ:

	http://www.open.com.au/radiator/faq.html#6

There has also been lots of discussion on the mailing list:

	www.open.com.au/archives/radiator

Check the Cisco web site for details:

	www.cisco.com

You will need to use the rcrypt utility (found in the "goodies"  
directory) to generate the rcrypt passwords.

perl rcrypt -h
usage: rcrypt [-h] [-e] [-k key] plaintext/crypt
         encrypting: rcrypt -k key -e plaintext
         decrypting: rcrypt -k key crypttext

The RcryptKey parameter must be included in the AuthBy clause:

	<AuthBy FILE>
		RcryptKey somestring
		.....
	</AuthBy>

See section 6.18.21 in the Radiator 3.13 reference manual ("doc/ 
ref.html").

regards

Hugh


On 8 Nov 2005, at 02:38, Sergei Keler wrote:

> Hi!
>
> I plan to change cisco router login from local to radius.
>
> What you recommend to do (including tiny howto:)?
> So, I need to keep passwords crypted. Do I need some special magic  
> because the following doesnt work:
>
> radius.cfg:
> RcryptKey xxx
> ...
> <Realm xxx>
> ...
> <Authby FILE>
> ...
> ...
>
> And the file contains:
> pupkin    Password = "{rcrypt}wdwdwdwdwd"
>
> Bad password it said :-(
> Changing "{rcrypt}wdwd" to plain password grant access easy...
>
> Where to dig?
>
> Sergei Keler
> General DataComm
> IT-manager
> tel.:     +7(812)325-1085
> fax:     +7(812)325-1086
>


NB:

Have you read the reference manual ("doc/ref.html")?
Have you searched the mailing list archive (www.open.com.au/archives/ 
radiator)?
Have you had a quick look on Google (www.google.com)?
Have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.


--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list