[Jradius] JRadius Proxy mangles User-Password
wlan at mac.com
Thu Aug 19 17:04:57 UTC 2010
The shared secret from CoovaChilli(UAM) to JRadius should be "radsec"
On Thu, 2010-08-19 at 10:49 +0200, Murray Long wrote:
> Oh interesting, so it's only the password field that gets hashed by
> shared secret?
> At the moment I have:
> UAM --(radsec) --> Jradius ---(radius)--> freeradius
> I defiantly got the same secret between Jradius and freeradius ( set
> in radSecProxyHander.sharedSecret )
> But I haven't told Jradius about the shared secret being used by the
> UAM, and I'm not sure where to set this. Can someone point me in the
> right direction?
> Thanks Murray
> On Thu, Aug 19, 2010 at 8:21 AM, wlanmac <wlan at mac.com> wrote:
> The User-Password is always encoded ("encrypted") with the
> shared secret
> on the wire. Changes are that there is a shared secret mix up
> On Wed, 2010-08-18 at 17:31 +0200, Murray Long wrote:
> > Hi Everyone,
> > I'm trying to set up JRadius to accept Radsec connections
> and proxy
> > them onto freeradius.
> > I've set up jardius as described on coova.org, and it seems
> to work
> > well, except the User-Password is encrypted by the time it
> > freeradius
> > I get the following reported on the freeradius side:
> > User-Name = "testuser"
> > User-Password = "\212\230\306\310\313}\010\231\257\211F
> > \365JJ\2173\240b\367\215+ҵu\177=\237\304\001"
> > My NAS is sending plaintext passwords so I'm pretty sure
> Jradius is
> > mangling the User-Password somehow.
> > Does anyone know why this would be happening and how to
> prevent it?
> > I did notice "dictionary.rfc2865" had a line:
> > User-Password 2 string encrypt=1
> > but setting encrypt=0 dosn't seem to make a difference.
> > Thanks,
> > Murray
> > _______________________________________________
> > Jradius mailing list
> > Jradius at coova.org
> > http://lists.coova.org/cgi-bin/mailman/listinfo/jradius
> Jradius mailing list
> Jradius at coova.org
More information about the Jradius