[RADIATOR] Encrypted Password

Roy Abu Bakar mongkeh at yahoo.com
Thu Jun 16 05:08:50 CDT 2011


Hi Heikki,

Thanks for reply.

I really happy when I saw that option on the RAdmin configuration :)
I have change the format to Unix Crypt and then change my user password.
After that, I tried to logged in, but did not succeed.
I check the log and it said "Bad Password".
Is there any configuration that I have to configure after change the password 
format?

Here is the log:

Thu Jun 16 12:53:21 2011: DEBUG: Handling with Radius::AuthRADMIN:
Thu Jun 16 12:53:21 2011: DEBUG: Handling with Radius::AuthRADMIN:
Thu Jun 16 12:53:21 2011: DEBUG: Query is: 'select PASS_WORD, STATICADDRESS, 
TIMELEFT, MAXLOGINS, SERVICENAME, BADLOGINS, VALIDFROM, VALIDTO from RADUSERS 
where USERNAME='admin'':
Thu Jun 16 12:53:21 2011: DEBUG: Query is: 'select ATTR_ID, VENDOR_ID, IVALUE, 
SVALUE, ITEM_TYPE from RADSTCONFIG where NAME='Switches' order by ITEM_TYPE':
Thu Jun 16 12:53:21 2011: DEBUG: Query is: 'select ATTR_ID, VENDOR_ID, IVALUE, 
SVALUE, ITEM_TYPE from RADCONFIG where NAME='admin' order by ITEM_TYPE':
Thu Jun 16 12:53:21 2011: DEBUG: Radius::AuthRADMIN looks for match with admin 
[admin]
Thu Jun 16 12:53:21 2011: DEBUG: do query is: 'update RADUSERS set 
BADLOGINS=BADLOGINS+1 where USERNAME='admin'':
Thu Jun 16 12:53:21 2011: DEBUG: Query is: 'select PASS_WORD, STATICADDRESS, 
TIMELEFT, MAXLOGINS, SERVICENAME, BADLOGINS, VALIDFROM, VALIDTO from RADUSERS 
where USERNAME='DEFAULT'':
Thu Jun 16 12:53:21 2011: DEBUG: AuthBy  result: REJECT, Bad Password
Thu Jun 16 12:53:21 2011: INFO: Access rejected for admin: Bad Password
Thu Jun 16 12:53:21 2011: DEBUG: Packet dump:
*** Sending to 10.0.0.200 port 1645 ....
Code:       Access-Reject
Identifier: 14
Authentic:  X<128>t<249><148>bc<16><27><172><153><160><133><128><2><162>
Attributes:
        Reply-Message = "Request Denied"


Thanks.





________________________________
From: Heikki Vatiainen <hvn at open.com.au>
To: Roy Abu Bakar <mongkeh at yahoo.com>
Cc: radiator at open.com.au
Sent: Thu, June 16, 2011 10:55:19 AM
Subject: Re: [RADIATOR] Encrypted Password

On 06/15/2011 12:18 PM, Roy Abu Bakar wrote:

Hello Roy,

Can you please tell me the name of the registered company that has
purchased this copy of Radiator?

Please reply to me directly, thanks!

> I have set up radiator using <AuthBy RADMIN> for authentication. So far, it's 
> working properly.
> I browse radmin database, and I see the user password (column PASS_WORD) is 
> saving in clear text.

If you go to RAdmin settings, you can select Password storage format.
The setting will affect passwords that are changed after you change the
setting.

> As our policy in our organization, all passwords physically in database should 

> be encrypted.
> Is there a way we can do to encrypt the password physically in the database?

If you change the setting, you need to consider the implications for
your authentication protocols too.

Best regards,
Heikki

-- 
Heikki Vatiainen <hvn at open.com.au>

Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS,
NetWare etc.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.open.com.au/pipermail/radiator/attachments/20110616/eff3314f/attachment.html 


More information about the radiator mailing list