[j-nsp] radiusd problem...

Erol KAHRAMAN erol.kahraman at gmail.com
Mon Jan 2 09:32:13 EST 2006


hi to everybody,

I installed FreeRADIUS v 1.0.4 on FedoraCore4 server. Created system
accounts and test it for my (HP) switches. Everything was ok. But when
i tried to connect to my router by using radius i got the following
error.

Jan  2 14:56:13  Router1 sshd: rad_send_request: No valid RADIUS
responses received
Jan  2 14:56:13  Router1 sshd[8236]: Failed password for user2 from
10.1.1.2 port 45067 ssh2
Jan  2 14:56:39  Router1 sshd[8236]: rad_send_request: No valid RADIUS
responses received
Jan  2 14:56:40  Router1 sshd[8236]: Failed password for user2 from
10.1.1.2 port 45067 ssh2
Jan  2 14:57:45  Router1 sshd[8236]: rad_send_request: No valid RADIUS
responses received
Jan  2 14:57:45  Router1 sshd[8236]: Accepted password for user2 from
10.1.1.2 port 45067 ssh2
Jan  2 14:58:06  Router1 sshd: rad_send_request: No valid RADIUS
responses received
Jan  2 14:58:06  Router1 sshd[8240]: Failed password for user2 from
10.1.1.2 port 45068 ssh2
Jan  2 14:58:08  Router1 inetd[3454]: /usr/sbin/sshd[8240]: exited, status 255
Jan  2 14:58:26  Router1 sshd: rad_send_request: No valid RADIUS
responses received
Jan  2 14:58:26  Router1 sshd[8242]: Failed password for user1 from
10.1.1.2 port 45069 ssh2
Jan  2 14:58:40  Router1 sshd[8242]: rad_send_request: No valid RADIUS
responses received
Jan  2 14:58:40  Router1 sshd[8242]: Failed password for user1 from
10.1.1.2 port 45069 ssh2
Jan  2 15:00:14  Router1 sshd[8242]: fatal: Timeout before
authentication for 10.1.1.2
Jan  2 15:00:14  Router1 inetd[3454]: /usr/sbin/sshd[8242]: exited, status 255

my router configuration is:

system {
    authentication-order [ radius password ];
    }
    radius-server {
        10.1.2.2 {
            secret ""; ## SECRET-DATA
        }
    }

        class isletmen {
            permissions view;
        }

        user user1 {
            uid 2000;
            class superuser;
            authentication {
                encrypted-password ""; ## SECRET-DATA
            }
        }
        user user2 {
            uid 3000;
            class isletmen;
            authentication {
                encrypted-password ""; ## SECRET-DATA

what could be the problem ?

And also want to ask a question, which authentication server is more
preferable TACACS or RADIUS

--
Erol KAHRAMAN
System Network Administrator



More information about the juniper-nsp mailing list