Hey everyone,
is it possible, that the Softether VPN Client cuts passwords with RADIUS authentication after 24 (respectively 23) characters?
I have a Softether VPN Server (4.28.9669) on Ubuntu 18.04 running with a local freeradius server.
I modified my freeradius config to print out the password in plain text and found different behaviors of cutting the password.
username: test.user
password: 1234567890123456789012345678901234567890
set password in the GUI (version (windows version 4.27 9668 via wine):
Fri Nov 16 10:17:10 2018 : ERROR: (0) scriptauth: ERROR: Program returned code (1) and output 'Reply-Message = "user: test.user - pass: 123456789012345678901234",Auth-Type = Reject,Reply-Message = "Username or password incorrect."'
set password in the CLI (version 4.27.9668):
/opt/vpnclient/vpncmd localhost /CLIENT /CMD AccountPasswordSet test /PASSWORD:123456789012345678901234567890 /TYPE:radius
Fri Nov 16 11:00:13 2018 : ERROR: (78) scriptauth: ERROR: Program returned code (1) and output 'Reply-Message = "user: test.user - pass: 12345678901234567890123",Auth-Type = Reject,Reply-Message = "Username or password incorrect."'
send a radius request with radtest from the server:
radtest -x test.user '1234567890123456789012345678901234567890' 127.0.0.1 1812 <radiussecret>
Sent Access-Request Id 150 from 0.0.0.0:34465 to 127.0.0.1:1812 length 111
User-Name = "test.user"
User-Password = "1234567890123456789012345678901234567890"
NAS-IP-Address = 127.0.1.1
NAS-Port = 1812
Message-Authenticator = 0x00
Cleartext-Password = "1234567890123456789012345678901234567890"
Received Access-Reject Id 150 from 127.0.0.1:1812 to 0.0.0.0:0 length 113
Reply-Message = "user: test.user - pass: 1234567890123456789012345678901234"
Reply-Message = "Username or password incorrect."
(0) -: Expected Access-Accept got Access-Reject
Can someone else confirm this? Should i open an issue in github for this?
Regards strob
[Solved]RADIUS passwords are cut off after 23 characters
-
strob
- Posts: 2
- Joined: Fri Nov 16, 2018 10:23 am
-
davidebeatrici
- Posts: 33
- Joined: Tue Aug 28, 2018 6:44 am
Re: RADIUS passwords are cut off after 23 characters
Hi,
Please open an issue on GitHub, so that we keep track of it.
Regards.
Please open an issue on GitHub, so that we keep track of it.
Regards.
-
strob
- Posts: 2
- Joined: Fri Nov 16, 2018 10:23 am
Re: RADIUS passwords are cut off after 23 characters
i figured it out and it was totally my fault.
i did cut the last 6 chars from the password to compare it with a MFA token and i had one error in my code, which made the difference between CLI and GUI..
Sorry!
i did cut the last 6 chars from the password to compare it with a MFA token and i had one error in my code, which made the difference between CLI and GUI..
Sorry!
-
fenice
- Posts: 184
- Joined: Sun Jul 19, 2015 4:23 pm
Re: [Solved]RADIUS passwords are cut off after 23 characters
That's good to hear you've solved it and thanks for the feedback. :)