Question
We are using free RADIUS 3.0.1 and are having difficulty getting IPMI to authenticate with it.



We tried to follow the documentation at http://www.supermicro.com/manuals/other/SMT_IPMI_Manual.pdf

But had to make the following modifications to get it to authenticate:



/etc/raddb/users file containing:

rob Cleartext-Password := "test123"

Vendor-Specific = "H=4, I=4"



After successful authentication, freeRADIUS displays the following error (and of course I'm returned to the IPMI login screen ):



Vendor-Specific = UNKNOWN-TYPE

(0) ERROR: Failed sending reply: ERROR: Unknown attribute type 21

It appears that we need to encode a vendor id, sub attribute id, attribute format, and the data. We're assuming that the data is "H=4, I=4", but what do we use for the Vendor ID, sub-attribute ID, and format?
Answer
On pages 9 and 10 it gives the following example:



"radius_admin" User-Password == "123456"

Vendor-Specific = "H=4, I=4"




In FreeRadius 2.1.12, it should be:



"radius_admin" Cleartext-Password := "123456"

Vendor-Specific = "H=4, I=4"



HOWEVER, the "Vendor-specific" attribute is no longer supported by the RFC, which is why I was unable to get it to work in FreeRadius 3.0.4.



In FreeRadius >= 3.0.4 it should be:



"radius_admin" Cleartext-Password := "123456"

Attr-26 = 0x483D342C20493D34


(where the 0xblahblah) is the hex-encoding of the "H=4, I=4" string.



others are here:

Callback H=1, I=1 Attr-26 = 0x483D312C20493D31

User H=2, I=2 Attr-26 = 0x483D322C20493D32

Operator H=3, I=3 Attr-26 = 0x483D332C20493D33

Administrator H=4, I=4 Attr-26 = 0x483D342C20493D34
Was this FAQ helpful?
YES      NO

Enter Comments Below:
Note: Your comments/feedback should be limited to this FAQ only. For technical support, please send an email to support@supermicro.com.



 Enter your email address below if you'd like technical support staff to reply:


 Please type the Captcha (no space)
A 4 A X

FAQ Stats
FAQ ID Related Category / Keyword Date Posted Code
22374 Hardware Monitoring:
- IPMI
01/29/16


    Print Answer