freeradius-users-bounces+christian=poessinger.com@lists.freeradius.org
wrote:
> "Christian Poessinger" <christian@poessinger.com> wrote:
>> I'm really getting confused now ... is it actually possible to use
>> md5 hashed passwords in a sql backend and doing EAP-TTLS for
>> authenticating wireless clients?
>
> http://deployingradius.com/documents/protocols/compatibility.html
>
> See the matrix, the answer is "yes, for PAP".
>
>> I had a little look at the rlm_sql and rlm_pap sourcecode and well
>> the only attribute stuff I found was Password and Crypt-Password. So
>> I'm thinking it could be possible that it just won't work with md5
>> hashed passwords and it will only work with CRYPT passwords.
>
> In 1.1.x, you have to tell the "pap" module that the password is
> stored as an MD5 hash. See it's examples & documentation.
>
I think you mean this:
radiusd.conf
pap {
encryption_scheme = md5
}
Well I have this in my configuration since I tried to set this up but
when you look some messages ago I got it working with crypt. With the
md5 hash I always got the missing Auth-Type error. I also added an
Auth-Type MD5 {
pap
}
to the Authenticate section but I wasn't that lucky.
-CP
Attachment:
smime.p7s
Description: S/MIME cryptographic signature