[j-nsp] radiusd problem...

Goldschmidt, Bernd bernd.goldschmidt at siemens.com
Mon Jan 9 05:48:26 EST 2006 

Did you tried to add a user remote:

[edit]
system {
    login {
        user remote {
            uid 2001;
            class super-user;
        }
    }
}

You need this user to have a homedir on the box.
The JUNOS router will use this for all remote users.

Gruß
Bernd.




 

> -----Original Message-----
> From: juniper-nsp-bounces at puck.nether.net 
> [mailto:juniper-nsp-bounces at puck.nether.net] On Behalf Of 
> Erol KAHRAMAN
> Sent: Monday, January 02, 2006 3:32 PM
> To: juniper-nsp at puck.nether.net
> Subject: [j-nsp] radiusd problem...
> 
> hi to everybody,
> 
> I installed FreeRADIUS v 1.0.4 on FedoraCore4 server. Created system
> accounts and test it for my (HP) switches. Everything was ok. But when
> i tried to connect to my router by using radius i got the following
> error.
> 
> Jan  2 14:56:13  Router1 sshd: rad_send_request: No valid RADIUS
> responses received
> Jan  2 14:56:13  Router1 sshd[8236]: Failed password for user2 from
> 10.1.1.2 port 45067 ssh2
> Jan  2 14:56:39  Router1 sshd[8236]: rad_send_request: No valid RADIUS
> responses received
> Jan  2 14:56:40  Router1 sshd[8236]: Failed password for user2 from
> 10.1.1.2 port 45067 ssh2
> Jan  2 14:57:45  Router1 sshd[8236]: rad_send_request: No valid RADIUS
> responses received
> Jan  2 14:57:45  Router1 sshd[8236]: Accepted password for user2 from
> 10.1.1.2 port 45067 ssh2
> Jan  2 14:58:06  Router1 sshd: rad_send_request: No valid RADIUS
> responses received
> Jan  2 14:58:06  Router1 sshd[8240]: Failed password for user2 from
> 10.1.1.2 port 45068 ssh2
> Jan  2 14:58:08  Router1 inetd[3454]: /usr/sbin/sshd[8240]: 
> exited, status 255
> Jan  2 14:58:26  Router1 sshd: rad_send_request: No valid RADIUS
> responses received
> Jan  2 14:58:26  Router1 sshd[8242]: Failed password for user1 from
> 10.1.1.2 port 45069 ssh2
> Jan  2 14:58:40  Router1 sshd[8242]: rad_send_request: No valid RADIUS
> responses received
> Jan  2 14:58:40  Router1 sshd[8242]: Failed password for user1 from
> 10.1.1.2 port 45069 ssh2
> Jan  2 15:00:14  Router1 sshd[8242]: fatal: Timeout before
> authentication for 10.1.1.2
> Jan  2 15:00:14  Router1 inetd[3454]: /usr/sbin/sshd[8242]: 
> exited, status 255
> 
> my router configuration is:
> 
> system {
>     authentication-order [ radius password ];
>     }
>     radius-server {
>         10.1.2.2 {
>             secret ""; ## SECRET-DATA
>         }
>     }
> 
>         class isletmen {
>             permissions view;
>         }
> 
>         user user1 {
>             uid 2000;
>             class superuser;
>             authentication {
>                 encrypted-password ""; ## SECRET-DATA
>             }
>         }
>         user user2 {
>             uid 3000;
>             class isletmen;
>             authentication {
>                 encrypted-password ""; ## SECRET-DATA
> 
> what could be the problem ?
> 
> And also want to ask a question, which authentication server is more
> preferable TACACS or RADIUS
> 
> --
> Erol KAHRAMAN
> System Network Administrator
> 
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> http://puck.nether.net/mailman/listinfo/juniper-nsp
>

More information about the juniper-nsp mailing list