[Chilli] CoovaChilli uam secret / RADIUS secret causing random corrupt user passwords

james at purple.so james at purple.so
Tue Apr 29 07:05:56 UTC 2014


Hi All

We have a random problem that keeps showing up.

We have CoovaChilli configured to use a uam secret and radius secret as
normal, but randomly, we will have a user who tried to log on be rejected by
our FreeRADIUS server because of what appears to be a garbage/corrupt
password. Looking online this indicates that either the shared secret or
uamsecret is incorrect, but they are definitely correct, and all others
users can log on 99% of this time, so it's just random.

We can even have one user rejected and then another one who logs on straight
after with no issue, so the secrets must be correct.

Looking in our radius logs shows the garbage password, like:

User / Pass / Reply / Date
myusername / B=C2=D4=D0=0B=F9=EB=C8d=7E=A3=C0=E6=7CY=FAF=95=D6= /
Access-Reject / 2014-04-28 21:03:51
myusername2 / =04=DFH4:J=C9z=C8=8A=3D=82=C1=C9=DA2W=8D=19=60=3CN /
Access-Reject / 2014-04-28 21:03:52

Normal login show the expected password.

Can anyone shed any further light?

Thanks

James




More information about the Chilli mailing list