2020-09-02 - Re: [GRASE-Hotspot] Mac authentication on V4

Header Data

From: Tim <ti***8@gmail.com>
Message Hash: 2ff203ef3d5afa2e5c172367106639f8183ba13321fb14f8237d3508eacd79c6
Message ID: <CAESLx0LJXMNabQ4_nar7PpgbxbH3DEOh=DJb_wNhoy0vGnfjVQ@mail.gmail.com>
Reply To: <trinity-67878e32-721a-4912-bb6d-eb455f3580a3-1599043678018@3c-app-mailcom-lxa07>
UTC Datetime: 2020-09-02 06:41:41 UTC
Raw Date: Wed, 02 Sep 2020 21:41:41 +0800

Raw message

Hi Chris

Assuming the radreply lines are correct, you may need to force reload Coova
Chilli. I currently have limited ability to test things like MAC auth as my
testing machine is currently having a hard drive rebuilt (from backups).

You can try setting the default config to match the database, edit
/etc/chilli/config and find the commented out HS_MACPASSWD line, uncomment
it and update it to the MAC auth password you've set in the database.

HS_MACAUTH=on              # To turn on MAC Authentication
#HS_MACPASSWD="password"

Again, force reload coova-chilli.

I'd also look in the radpostauth table to see if you can even see
authentication attempts, that (and the freeradius logs) should at least
show if a MAC auth is being attempted, and what the username format is.
There really is no difference between a MAC account and a normal account,
except that the macpasswd is fixed, and it's automatically logged in by
CoovaChilli at DHCP time.

Once my HDD rebuild is complete, I'll spin up my VMs and do some MAC
testing (and fixup the interface too)

Regards

Tim

On Wed, 2 Sep 2020 at 18:47, Christopher Gregory <
ch***y@mail.com> wrote:

> Hello Tim,
>
> I am sorry to keep on with this, but I really do need this to work.
>
> I have located the line that you mentioned in radreply and changed
> macpasswd=password to my preferred password.  This does not allow the two
> accounts to connect to the hotspot.  I uncompressed the latest backup made
> of the old V3 and verified that it is indeed the correct place for the
> password to reside.
>
> The one thing that I am confused about, is that you say that the mac
> addresses need to be entered in all caps, and yet even in the V3 mysql
> database they are stored all in lowercase.  I have tried adding the
> password to the mysql database, matching it like it is in the V3 database,
> but it never authenticates.  It only shows up in the dhcpleases in a "dnat"
> state.
>
> I really do not want to wipe the database and re-import the V3 and have it
> upgraded, as I do not see how this is going to change anything.  I have
> even gone so far as to create the macaddress account with lower case
> letters, and that did not work.
>
> Is there some other place within the database or config files that I need
> to change something?
>
> Regards,
>
> Christopher.
>
> --
> This mailing list is for the Grase Hotspot Project http://grasehotspot.org
> ---
> You received this message because you are subscribed to the Google Groups
> "Grase Hotspot" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to gr***e@grasehotspot.org.
> To view this discussion on the web visit
> https://groups.google.com/a/grasehotspot.org/d/msgid/grase-hotspot/trinity-67878e32-721a-4912-bb6d-eb455f3580a3-1599043678018%403c-app-mailcom-lxa07
> .
>

Thread