CoovaChilli Authentication

2019-08-15 02:08发布

站内问答 / 前端开发
873 2 5

I'm trying to authenticate with CoovaChilli using Radiusd (FreeRADIUS v2.2.5) which is running on Ubuntu 14.04 and I can't succeed.

CoovaChilli is using some different parameters beside to ChilliSpot.

Based on it's own documentation, CoovaChili works with Auth: 0 or 1 Chillispot works with Accept or Reject.

The problem is that I've tried both versions and I still cannot authenticate with radius. Do I have to modify anything in exec module ? I want to keep working both versions (chillispot, coovachilli)

Radius Error Received

...
Found Auth-Type = Local
WARNING: Please update your configuration, and remove 'Auth-Type = Local'
WARNING: Use the PAP or CHAP modules instead.
No "known good" password was configured for the user.
As a result, we cannot authenticate the user.
Failed to authenticate the user.
  WARNING: Unprintable characters in the password.  Double-check the shared secret on the server and the NAS!
Using Post-Auth-Type REJECT
...

Authorize section

authorize {
...
        exec
       update control {
                Auth-Type := "%{reply:Auth-Type}"
        }
...
}

Exec module

exec {
        wait = yes
        program = "authenticate.php"
        input_pairs = request
        shell_escape = yes
        output = none
        timeout = 10
        output_pairs = reply
}

2条回答
时光不老,我们不散
2楼-- · 2019-08-15 02:31

I got this error when in 

/etc/raddb/clients.conf

I defined the password of the client with a whitespace character.

Like:

client myClient {
    ipaddr = 999.999.999.999
    secret = password 123
}
查看更多
0人赞 添加讨论(0) 举报
Juvenile、少年°
3楼-- · 2019-08-15 02:46

Well your shared secret is incorrect if you're getting the above error. The Access-Accept or Access-Reject is signed using the shared secret, so if it's wrong Chillispot will ignore the response.

查看更多
0人赞 添加讨论(0) 举报
登录 后发表回答
相关问题
查看全部
相关文章
查看全部
收藏的人(5)