[RADIATOR] Problem with pam_radius

Christian Kratzer ck-lists at cksoft.de
Wed Mar 30 02:23:24 CDT 2011 

Hi,

On Wed, 30 Mar 2011, Francisco Rodrigo Cortinas Maseda wrote:
<snipp/>
> Tue Mar 22 09:19:00 2011: DEBUG: Handling request with Handler 'NAS-Identifier="sshd"'
> Tue Mar 22 09:19:00 2011: DEBUG:  Deleting session for frcm, 127.0.0.1, 26576
> Tue Mar 22 09:19:00 2011: DEBUG: Decoded password is <198>* uVf<204><1>w<227>-<190>V..<15>
> Tue Mar 22 09:19:00 2011: DEBUG: Handling with Radius::AuthSQL
> Tue Mar 22 09:19:00 2011: DEBUG: Handling with Radius::AuthSQL: SERVERS
> Tue Mar 22 09:19:00 2011: DEBUG: Query is: 'SELECT password FROM usuarios WHERE username='frcm'':
> Tue Mar 22 09:19:00 2011: ERR: Execute failed for 'SELECT password FROM usuarios WHERE username='frcm'': Lost connection to MySQL server during query

you have a problem with the connection to your sql server.


> Tue Mar 22 09:19:00 2011: DEBUG: Radius::AuthSQL looks for match with frcm [frcm]
> Tue Mar 22 09:19:00 2011: DEBUG: Decoded password is <198>* uVf<204><1>w<227>-<190>V..<15>

this still looks a lot like a mismatched secret.

> Tue Mar 22 09:19:00 2011: DEBUG: Radius::AuthSQL REJECT: Bad Password: frcm [frcm]
> Tue Mar 22 09:19:00 2011: DEBUG: AuthBy SQL result: REJECT, Bad Password
> Tue Mar 22 09:19:00 2011: INFO: Access rejected for frcm: Bad Password
> Tue Mar 22 09:19:00 2011: DEBUG: Packet dump:
> *** Sending to 10.0.124.53 port 27601 ....
> Code:       Access-Reject
> Identifier: 108
> Authentic:  7<22><216>m<171>zD<191><238>@<181>[zl=<253>
> Attributes:
>        Called-Station-Id = "<198>* uVf<204><1>w<227>-<190>V..<15>"
>        Reply-Message = "Bad Password"
>
> If I use the radpwtst utility on the server where I am trying to authenticate from using pam_radius, the password is correctly decoded and is showed up correctly on the trace4.

you secret is ok for the Client from 127.0.0.1 but mismatched for the Client clause that the server with pam_radius is using.

Greetings
Christian

-- 
Christian Kratzer                      CK Software GmbH
Email:   ck at cksoft.de                  Wildberger Weg 24/2
Phone:   +49 7032 893 997 - 0          D-71126 Gaeufelden
Fax:     +49 7032 893 997 - 9          HRB 245288, Amtsgericht Stuttgart
Web:     http://www.cksoft.de/         Geschaeftsfuehrer: Christian Kratzer

More information about the radiator mailing list