encrypted password - radius over WAN
- To: freeradius-users@lists.freeradius.org
- Subject: encrypted password - radius over WAN
- From: Agent Smith <news8080@yahoo.com>
- Date: Sun, 21 Jan 2007 19:33:42 -0800 (PST)
- Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; h=Message-ID:X-YMail-OSG:Received:Date:From:Subject:To:MIME-Version:Content-Type:Content-Transfer-Encoding; b=rx4PBuJBIOvSbA0EmDToOMyvEUxm9JdYUPmLhQFxuhdOECDNpR8z51ztqXU3DHtXIHRE0GXrEW36d3zYUmQnhtmu/EDO5X+kvE06fe6tRSST4JyqV1dPoFiMUvjw71iohkqlLHM16cz4e/LW2puCMPo6qk5Cu9/RHDxXHU27NsI= ;
- Reply-to: FreeRadius users mailing list <freeradius-users@lists.freeradius.org>
I'd like to implement pam_radius module on some of our
Linux boxes but I am worried about password
(pam_radius can only do PAP) being captured and
misused since the radius server is at central office
and clients are all over the place.
I read
(http://www.cisco.com/warp/public/480/10.html#comp_packet_encry)
that radius encrypts passwords using the secret key
between radius server and client, is this true with
FR?
I suppose I can build some stun or openvpn tunnels
between linux clients and FR but before I go down that
road, I'd like to know if its necessary.
____________________________________________________________________________________
Don't get soaked. Take a quick peak at the forecast
with the Yahoo! Search weather shortcut.
http://tools.search.yahoo.com/shortcuts/#loc_weather
This archive was generated by a fusion of
Pipermail (Mailman edition) and
MHonArc.