Hi,
I could get some information from the below site for setting the eap:
http://www.freesoftwaremagazine.com/...uthentications
As per this site I issued the command
>>( echo "User-Name = \"root\""; echo "Cleartext-Password = \"nmsworks\""; echo "EAP-Code = Response"; echo "EAP-Id = 210"; echo "EAP-Type-Identity = \"root\""; echo "Message-Authenticator = 0x00"; ) | radeapclient -x 127.0.0.1 auth testing123
The output at the client terminal is:
Sending Access-Request packet to host 127.0.0.1 port 1812, id=26, length=0
User-Name = "root"
Cleartext-Password = "nmsworks"
EAP-Code = Response
EAP-Id = 210
EAP-Type-Identity = "root"
Message-Authenticator = 0x00
EAP-Message = 0x02d2000901726f6f74
Received Access-Challenge packet from host 127.0.0.1 port 1812, id=26, length=80
EAP-Message = 0x01d3001604105c882d850f96396a791350d192698369
Message-Authenticator = 0xd2c319108a1f3dc600a8d69f49bf4cce
State = 0x2a5db9662a8ebdd12f55a7050a873063
EAP-Id = 211
EAP-Code = Request
EAP-Type-MD5 = 0x105c882d850f96396a791350d192698369
Sending Access-Request packet to host 127.0.0.1 port 1812, id=27, length=55
User-Name = "root"
Cleartext-Password = "nmsworks"
EAP-Code = Response
EAP-Id = 211
Message-Authenticator = 0x00000000000000000000000000000000
EAP-Type-MD5 = 0x10d3cbcd198e0d6406c6584ca74a191602
State = 0x2a5db9662a8ebdd12f55a7050a873063
EAP-Message = 0x02d300160410d3cbcd198e0d6406c6584ca74a191602
Received Access-Reject packet from host 127.0.0.1 port 1812, id=27, length=44
EAP-Message = 0x04d30004
Message-Authenticator = 0x5b57ebb4f5709e1339d5d0ae4dbe057f
EAP-Id = 211
EAP-Code = Failure
-----------------------------------------------------------
At the server terminal, I got the following:
rad_recv: Access-Request packet from host 127.0.0.1 port 32785, id=244, length=55
User-Name = "root"
Message-Authenticator = 0x4f8feac41d674e739f3c05c6204edf26
EAP-Message = 0x02d2000901726f6f74
# Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
++[digest] returns noop
[suffix] No '@' in User-Name = "root", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 210 length 9
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
++[files] returns noop
++[expiration] returns noop
++[logintime] returns noop
[pap] WARNING! No "known good" password found for the user. Authentication may fail because of this.
++[pap] returns noop
Found Auth-Type = EAP
# Executing group from file /usr/local/etc/raddb/sites-enabled/default
+- entering group authenticate {...}
[eap] EAP Identity
[eap] processing type md5
rlm_eap_md5: Issuing Challenge
++[eap] returns handled
Sending Access-Challenge of id 244 to 127.0.0.1 port 32785
EAP-Message = 0x01d3001604107af6cc87d9f8173bfcc546ddb4dee4d8
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x7ec137667e1233d38b95d8e7dd966715
Finished request 9.
Going to the next request
Waking up in 4.9 seconds.
rad_recv: Access-Request packet from host 127.0.0.1 port 32785, id=245, length=86
User-Name = "root"
Message-Authenticator = 0x74adad66ba105d89618e792c223072cd
State = 0x7ec137667e1233d38b95d8e7dd966715
EAP-Message = 0x02d3001604109af76b1473ece42e1ea6f2c587361cae
# Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
++[digest] returns noop
[suffix] No '@' in User-Name = "root", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 211 length 22
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
++[files] returns noop
++[expiration] returns noop
++[logintime] returns noop
[pap] WARNING! No "known good" password found for the user. Authentication may fail because of this.
++[pap] returns noop
Found Auth-Type = EAP
# Executing group from file /usr/local/etc/raddb/sites-enabled/default
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/md5
[eap] processing type md5
rlm_eap_md5: Cleartext-Password is required for EAP-MD5 authentication
[eap] Handler failed in EAP/md5
[eap] Failed in EAP select
++[eap] returns invalid
Failed to authenticate the user.
Using Post-Auth-Type Reject
# Executing group from file /usr/local/etc/raddb/sites-enabled/default
+- entering group REJECT {...}
[attr_filter.access_reject] expand: %{User-Name} -> root
attr_filter: Matched entry DEFAULT at line 11
++[attr_filter.access_reject] returns updated
Delaying reject of request 10 for 1 seconds
Going to the next request
Waking up in 0.9 seconds.
Sending delayed reject for request 10
Sending Access-Reject of id 245 to 127.0.0.1 port 32785
EAP-Message = 0x04d30004
Message-Authenticator = 0x00000000000000000000000000000000
Waking up in 3.9 seconds.
Cleaning up request 9 ID 244 with timestamp +744
Waking up in 1.0 seconds.
Cleaning up request 10 ID 245 with timestamp +744
Ready to process requests.
---------------------------------------------------------------
Am I need to change value of any of the parameters from the client on the command?