Authentication succeeds even with incorrect shared secret.
aland at ox.org
Thu Sep 1 16:49:08 CEST 2005
"Sayantan Bhowmick" <sbhowmick at novell.com> wrote:
> I am using FreeRADIUS version 1.0.2 and I am trying to authenticate
> users using CHAP authentication. Everything works and authentication
> goes through except that users are authenticated successfully( provided
> userid and password id correct) irrespective of what is entered for the
> "shared secret" in the client. Is this a defect? Should'nt the RADIUS
> server check whether the client is using the correct "shared secret"?
For CHAP, it can't.
The *client* will see that the response packet isn't signed
properly, and will reject it.
More information about the Freeradius-Users