zoukankan      html  css  js  c++  java
  • freerradius 错误:pap: WARNING: No "known good" password found for the user

    具体错误如下:

    1) # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default
    (1)   authorize {
    (1)     policy filter_username {
    (1)       if (&User-Name) {
    (1)       if (&User-Name)  -> TRUE
    (1)       if (&User-Name)  {
    (1)         if (&User-Name =~ / /) {
    (1)         if (&User-Name =~ / /)  -> FALSE
    (1)         if (&User-Name =~ /@[^@]*@/ ) {
    (1)         if (&User-Name =~ /@[^@]*@/ )  -> FALSE
    (1)         if (&User-Name =~ /../ ) {
    (1)         if (&User-Name =~ /../ )  -> FALSE
    (1)         if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+).(.+)$/))  {
    (1)         if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+).(.+)$/))   -> FALSE
    (1)         if (&User-Name =~ /.$/)  {
    (1)         if (&User-Name =~ /.$/)   -> FALSE
    (1)         if (&User-Name =~ /@./)  {
    (1)         if (&User-Name =~ /@./)   -> FALSE
    (1)       } # if (&User-Name)  = notfound
    (1)     } # policy filter_username = notfound
    (1)     [preprocess] = ok
    (1)     [chap] = noop
    (1)     [mschap] = noop
    (1)     [digest] = noop
    (1) suffix: Checking for suffix after "@"
    (1) suffix: Looking up realm "example.org" for User-Name = "user@example.org"
    (1) suffix: No such realm "example.org"
    (1)     [suffix] = noop
    (1) eap: Peer sent EAP Response (code 2) ID 11 length 6
    (1) eap: No EAP Start, assuming it's an on-going EAP conversation
    (1)     [eap] = updated
    (1)     [files] = noop
    (1)     [expiration] = noop
    (1)     [logintime] = noop
    (1) pap: WARNING: No "known good" password found for the user.  Not setting Auth-Type
    (1) pap: WARNING: Authentication will fail unless a "known good" password is available
    (1)     [pap] = noop
    (1)   } # authorize = updated
    (1) Found Auth-Type = eap
    (1) # Executing group from file /usr/local/etc/raddb/sites-enabled/default
    (1)   authenticate {
    (1) eap: Expiring EAP session with state 0x230f5f1f230446d4
    (1) eap: Finished EAP session with state 0x230f5f1f230446d4
    (1) eap: Previous EAP request found for state 0x230f5f1f230446d4, released from the list
    (1) eap: Peer sent packet with method EAP NAK (3)
    (1) eap: Found mutually acceptable type TLS (13)
    (1) eap: Calling submodule eap_tls to process data
    (1) eap_tls: Initiating new EAP-TLS session
    (1) eap_tls: Setting verify mode to require certificate from client
    (1) eap_tls: [eaptls start] = request
    (1) eap: Sending EAP Request (code 1) ID 12 length 6
    (1) eap: EAP session adding &reply:State = 0x230f5f1f220352d4
    (1)     [eap] = handled
    (1)   } # authenticate = handled
    (1) Using Post-Auth-Type Challenge
    (1) # Executing group from file /usr/local/etc/raddb/sites-enabled/default
    (1)   Challenge { ... } # empty sub-section is ignored
    (1) Sent Access-Challenge Id 228 from 192.168.1.122:1812 to 192.168.1.126:60730 length 0
    (1)   EAP-Message = 0x010c00060d20
    (1)   Message-Authenticator = 0x00000000000000000000000000000000
    (1)   State = 0x230f5f1f220352d482ebe8efe238f6fe
    (1) Finished request

    错误的原因:

    users 配置文件中缺少 对应 的用户名和密码。

    解决方法:

    在 /usr/local/etc/raddb/users 配置文件中添加 client端用于登录的用户名和密码即可。

    #########################################################

    # You should add test accounts to the TOP of this file!       #

    # See the example user "bob" above.                             #

    #########################################################

    user@example.org Cleartext-Password := 123456

  • 相关阅读:
    如何搜索IP的地理位置
    Windows Sockets错误标识及对应解释
    【转】GDB中应该知道的几个调试方法
    手动安装OpenCV下的IPP加速库
    Ubuntu16.04调整屏幕分辨率至1920*1080
    win10家庭版删除文件提示没有权限最简单的方式
    Centos7 HyperLedger Fabric 1.4 生产环境部署
    解析key值不确定的json数据
    (转)Centos下,Docker部署Yapi接口管理平台
    (转)手工释放linux内存——/proc/sys/vm/drop_cache
  • 原文地址:https://www.cnblogs.com/rohens-hbg/p/7592898.html
Copyright © 2011-2022 走看看