Question on FreeRADIUS digest authentication with SIP proxy

Philippe Sultan philippe.sultan at gmail.com
Wed Oct 12 09:50:35 CEST 2005


Hi, Chen.

There is ongoing discussion on this topic :

http://lists.freeradius.org/pipermail/freeradius-users/2005-October/047606.html

You might also want to check this, for information related to digest
authentication with RADIUS and LDAP :

http://www-rocq.inria.fr/who/Philippe.Sultan/Asterisk/asterisk_sip_external_authentication.html

Bye,

Philippe

On 10/12/05, Cheng Zhang <czhang.cmu at gmail.com> wrote:
>
> I have setup SER to authenticate via FreeRADIUS with MSSQL DB. The SIP
> proxy (SER) use digest authentication to authenticate with FreeRADIUS
> server. This way the user's password is stored as cleartext in the
> database. I'd like to know is there a way to make such setup using
> hashed password (just MD5 or HA1)?
> I asked this question on SER's mailing list, but seems cleartext
> password is the only way to do digest authentication with FreeRADIUS.
> After reading through RFC2617 and draft-ietf-radext-digest-auth-04,
> seems to me that if Digest-Algorithm attribute in RADIUS packet is
> 'MD5-sess', there is a Digest-HA1 attribute might be useful for my
> purpose. Is there any options to tweak FreeRADIUS's digest
> authentication mode, something like 'auth_type' or 'encrypt_method'
> for MSCHAP or other authentication methods?
> Thanks.
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20051012/8f41581e/attachment.html>


More information about the Freeradius-Users mailing list