EAP-PEAP/MS-ChapV2 password storing options
mda at unb.ca
Tue Feb 13 14:26:17 CET 2007
Thanks for the link!
BTW, I have nothing against SecureW2, but if we don't have to install an
extra piece of software on 10,000 computers on campus, I'd like to avoid it!
From: Alan DeKok [mailto:aland at deployingradius.com]
Sent: February 13, 2007 2:57 AM
To: mda at unb.ca; FreeRadius users mailing list
Subject: Re: EAP-PEAP/MS-ChapV2 password storing options
Matt Ashfield wrote:
> We're trying to implement username/password authentication and so far are
> using EAP-PAP (with secureW2 client) because our passwords are stored in
> LDAP in a 1-way encrypted hash.
> We're hoping to get away from this secureW2 implementation and would like
> use Windows built-in authentication, which seems to be EAP-PEAP with
> MS-ChapV2 authentication.
What's wrong with SecureW2?
> In order to get EAP-PEAP/MS-ChapV2 to work with FreeRadius, what are my
> options for storing the password in LDAP? Does it have to be clear-text?
http://deployingradius.com - The web site of the book
http://deployingradius.com/blog/ - The blog
More information about the Freeradius-Users