[OATH-Toolkit-help] FreeRadius integration

oath-toolkit-help

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[OATH-Toolkit-help] FreeRadius integration

From:	Hailu Meng
Subject:	[OATH-Toolkit-help] FreeRadius integration
Date:	Mon, 13 Jun 2011 08:52:55 -0500

Hi All,

I'm getting there. But went into some problem. I have Freeradius 1.1.3. I'm testing Radius --> PAM --> OATH. The oath toolkit got executed successfully and return the "success" message to PAM stack but for some reason pam_pass failed. Here is the debug from radiusd:

rad_recv: Access-Request packet from host 127.0.0.1:53651, id=230, length=56
        User-Name = "root"
        User-Password = "073348"
        NAS-IP-Address = 255.255.255.255
        NAS-Port = 1812
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 2
modcall[authorize]: module "preprocess" returns ok for request 2
modcall[authorize]: module "chap" returns noop for request 2
modcall[authorize]: module "mschap" returns noop for request 2
    rlm_realm: No '@' in User-Name = "root", looking up realm NULL
    rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 2
rlm_eap: No EAP-Message, not doing EAP
modcall[authorize]: module "eap" returns noop for request 2
    users: Matched entry DEFAULT at line 152
modcall[authorize]: module "files" returns ok for request 2
modcall: leaving group authorize (returns ok) for request 2
rad_check_password: Found Auth-Type pam
auth: type "PAM"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 2
pam_pass: using pamauth string <radiusd> for pam.conf lookup
[pam_oath.c:parse_cfg(118)] called.
[pam_oath.c:parse_cfg(119)] flags 0 argc 3
[pam_oath.c:parse_cfg(121)] argv[0]=debug
[pam_oath.c:parse_cfg(121)] argv[1]=usersfile=/etc/users.oath
[pam_oath.c:parse_cfg(121)] argv[2]=window=20
[pam_oath.c:parse_cfg(122)] debug=1
[pam_oath.c:parse_cfg(123)] alwaysok=0
[pam_oath.c:parse_cfg(124)] try_first_pass=0
[pam_oath.c:parse_cfg(125)] use_first_pass=0
[pam_oath.c:parse_cfg(126)] usersfile=/etc/users.oath
[pam_oath.c:parse_cfg(127)] digits=0
[pam_oath.c:parse_cfg(128)] window=20
[pam_oath.c:pam_sm_authenticate(157)] get user returned: root
[pam_oath.c:pam_sm_authenticate(232)] conv returned: 073348
[pam_oath.c:pam_sm_authenticate(292)] OTP: 073348
[pam_oath.c:pam_sm_authenticate(305)] authenticate rc 0 (OATH_OK: Successful return) last otp Mon Jun 13 08:32:53 2011

[pam_oath.c:pam_sm_authenticate(327)] done. [Success]
pam_pass: function pam_acct_mgmt FAILED for <root>. Reason: Authentication failure
modcall[authenticate]: module "pam" returns reject for request 2
modcall: leaving group authenticate (returns reject) for request 2
auth: Failed to validate the user.
Login incorrect: [root] (from client localhost port 1812)

Any idea about this? Thanks for your help!!

Lou

[Prev in Thread]

Current Thread

[Next in Thread]

[OATH-Toolkit-help] FreeRadius integration, Hailu Meng <=
- Re: [OATH-Toolkit-help] FreeRadius integration, Hailu Meng, 2011/06/13
  - Re: [OATH-Toolkit-help] FreeRadius integration, Simon Josefsson, 2011/06/14
    - Re: [OATH-Toolkit-help] FreeRadius integration, Hailu Meng, 2011/06/14
    - Re: [OATH-Toolkit-help] FreeRadius integration, Hailu Meng, 2011/06/14
    - Re: [OATH-Toolkit-help] FreeRadius integration, Christian Hesse, 2011/06/15
    - Re: [OATH-Toolkit-help] FreeRadius integration, Hailu Meng, 2011/06/15
- Re: [OATH-Toolkit-help] FreeRadius integration, Christian Hesse, 2011/06/14
  - Re: [OATH-Toolkit-help] FreeRadius integration, Hailu Meng, 2011/06/14

Prev by Date: Re: [OATH-Toolkit-help] Is this possible to setup our own token server?
Next by Date: Re: [OATH-Toolkit-help] FreeRadius integration
Previous by thread: [OATH-Toolkit-help] oath-toolkit_1.10.2-1_amd64.changes ACCEPTED into unstable
Next by thread: Re: [OATH-Toolkit-help] FreeRadius integration
Index(es):
- Date
- Thread