• Registered: 2008-02-28
  • Posts: 1

Topic: Chillispot on DD-WRT with Radius; Pasword check failed??

Hello,
if some user is connecting with chillispot, I get this error in my freeradius debuing window:

-----------------------------------------------------------------
Debug: rlm_chap: login attempt by "qppwlr" with CHAP password
Debug: rlm_chap: Using clear text password imx for user qppwlr authentication.
Debug: rlm_chap: Pasword check failed
-----------------------------------------------------------------

Can somebody help me?


Thank you

  • Registered: 2008-03-13
  • Posts: 2

Re: Chillispot on DD-WRT with Radius; Pasword check failed??

Why should I use CHAP-Challenge and CHAP-Password?
By default chilli uses CHAP-Challenge and CHAP-Password. The advantage is that the actual passwords will only be known to the web server and the "home" radius server. Neither chilli nor any radius proxy servers get to know the actual password.

CHAP-Challenge and CHAP-Password authentication is generally vulnerable to dictionary attacks. To protect against dictionary attacks on the air interface you should uncomment the following line in the file /var/www/cgi-bin/hotspotlogin.cgi:

$uamsecret = "ht2eb8ej6s4et3rg1ulp";

You should set the secret to something only you know, and pass the same secret to chilli in the file /etc/chilli.conf:

uamsecret ht2eb8ej6s4et3rg1ulp

The uamsecret parameter is used to encrypt the challenge and response when it is transferred from the web server to chilli.



see that above,you should set the same secret in the loginpage,dd-wrt and chilli server