September 28, 2009 at 1:37 pm
· Filed under Uncategorized
So you set up your RADIUS server, and you want to make sure that it is authenticating your users properly.
$ radtest username password servername port secret
$ radtest (client's username) (client's password) (hostname of server) (port, reported as NAS-Port in the output below) (shared secret between RADIUS client and server)
I would like to note that if you set the hostname to somewhere where a RADIUS server does not exist, you will keep on getting output saying "Sending Access-Request of id 27 to 203.65.22.105 port 1812". This is because RADIUS works over UDP, so radtest has no idea whether the server received the packets or not, and it just keeps trying.
A successful test looks like this
hostname:~# radtest username userpassword hostname.com 1813 sharedsecret
Sending Access-Request of id 60 to 203.65.22.105 port 1812
        User-Name = "username"
        User-Password = "userpassword"
        NAS-IP-Address = 203.65.22.105
        NAS-Port = 1813
rad_recv: Access-Accept packet from host 203.65.22.105 port 1812, id=60, length=20
A rejected login test looks like this
hostname:~# radtest username userpassword hostname.com 1813 sharedsecret
Sending Access-Request of id 60 to 203.65.22.105 port 1812
        User-Name = "username"
        User-Password = "userpassword"
        NAS-IP-Address = 203.65.22.105
        NAS-Port = 1813
rad_recv: Access-Reject packet from host 208.73.74.68 port 1812, id=80, length=20
July 7, 2009 at 8:42 am
· Filed under Solaris, Solaris 10
I was trying to ssh from one Sun Solaris server to another.
# ssh remoteserver
ssh_exchange_identification: Connection closed by remote host
# ssh -v remoteserver
Sun_SSH_1.1.1, SSH protocols 1.5/2.0, OpenSSL 0x0090704f
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Rhosts Authentication disabled, originating port will not be trusted.
debug1: ssh_connect: needpriv 0
debug1: Connecting to mimi [10.20.55.222] port 22.
debug1: Connection established.
debug1: identity file /.ssh/identity type -1
debug1: identity file /.ssh/id_rsa type -1
debug1: identity file /.ssh/id_dsa type -1
ssh_exchange_identification: Connection closed by remote host
debug1: Calling cleanup 0x34ae8(0x0)
#
Err, it would not let me connect. As you can see, I first tried to ssh, then ssh in verbose mode. As you can see, the output did not really give anything that useful.
I logged into the remote server and all it would tell me is
Jul 7 11:37:53 remoteserver sshd[21761]: refused connect from clientserver
I would have to be connected to the serial console to see this message; I was not able to see the message anywhere else, not in /var/adm/messages or /var/log/syslog.
So what I ended up doing was adding this line to /etc/hosts.allow
p_ctminetd,sshd,bpcd,vnetd,vopied,bpjava-msvc: 10.20.55. : allow
That line allowed any host in the 10.20.55.* subnet to connect to the server now, and ssh was allowed to connect.
June 2, 2009 at 6:17 am
· Filed under Linux, Unix
Here we see that we have a file named with a single backslash, created by mistake.
user:/var/www/core# ls -l
total 56
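-rw-r--r-- 1 root root 213 2009-06-01 07:14 \
-rw-r--r-- 1 user user 378 2009-05-21 09:14 ads.php
We try to delete it, but a plain rm \ does not work because the backslash is a special character to the shell: it escapes the newline, so the shell shows the > continuation prompt and waits for more input.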
user:/var/www/core# rm \
>
So we have to go and list out the inode numbers. Those are the inode numbers in the first column.
user:/var/www/core# ls -li
total 56
458132 -rw-r--r-- 1 root root 213 2009-06-01 07:14 \
457759 -rw-r--r-- 1 user user 378 2009-05-21 09:14 ads.php
So now we use find to select the file by its inode number and run rm on it, which deletes the file.
user:/var/www/core# find . -inum 458132 -exec rm -i {} \;
rm: remove regular file `./\\'? y
user:/var/www/core# ls -l
total 52
-rw-r--r-- 1 user user 378 2009-05-21 09:14 ads.php
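A scripted version of the inode-based removal above, as an added example that is not part of the original post. The find command in the post walks every subdirectory under the current directory, and an inode number identifies a file only within one filesystem, so this version looks only at the entries of the named directory and refuses to act unless exactly one regular file matches. The function name rm_by_inode and its arguments are hypothetical, and -maxdepth is assumed to be available (GNU, BSD and BusyBox find have it).

```shell
#!/bin/sh
# Added example, not from the original post. The function name
# rm_by_inode and its argument order are hypothetical.
# Usage: rm_by_inode DIR INODE

rm_by_inode() {
    dir=$1
    inum=$2

    # Accept only a plain decimal inode number and an existing directory.
    case $inum in
        ''|*[!0-9]*) echo "rm_by_inode: bad inode number '$inum'" >&2; return 2 ;;
    esac
    [ -d "$dir" ] || { echo "rm_by_inode: '$dir' is not a directory" >&2; return 2; }
    case $dir in -*) dir=./$dir ;; esac   # keep find from reading DIR as an option

    # -maxdepth 1: match entries of DIR itself; no walk into subdirectories
    #              or into other filesystems mounted below DIR.
    # -type f:     regular files only.
    # One "x" is printed per match, so odd file names cannot skew the count.
    hits=$(find "$dir" -maxdepth 1 -type f -inum "$inum" -exec printf x \;)

    case ${#hits} in
        0) echo "rm_by_inode: no regular file with inode $inum in $dir" >&2
           return 1 ;;
        1) ;;
        *) echo "rm_by_inode: inode $inum has ${#hits} names in $dir (hard links); nothing removed" >&2
           return 1 ;;
    esac

    find "$dir" -maxdepth 1 -type f -inum "$inum" -exec rm -f -- {} \;

    # With "-exec ... \;" find's exit status does not reflect a failed rm,
    # so confirm that the entry is really gone.
    left=$(find "$dir" -maxdepth 1 -type f -inum "$inum" -exec printf x \;)
    [ -z "$left" ]
}
```

The function returns 0 only when the entry was removed, 1 when nothing or more than one name matched, and 2 on bad arguments.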