radius user-password on the wire
Riccardo Veraldi
Riccardo.Veraldi at cnaf.infn.it
Tue Apr 29 14:54:04 CEST 2008
Hello,
I used wireshark to sniff communication between my radisu server and
the user-password attribute is encrypted
0000 3e ca 2d b0 97 2b b3 f9 0c e9 fc e7 e0 ed e9 fd
to test if this is strong enough I wanted to ask if there is a way to
decrypt
this user-password attribute since my radisu server is doign proxy to
other radius server.
actually my radius server is authenticating a WiFi captive portal
and is prosying requests upon username at domainname
user attributes are stripped from domain and sent to proper radius server
my question is how much is risky to have user-passsword attribute
travellign across
the network ? is the encryption applyed to the user-password strong enough ?
thanks
Rick
More information about the Freeradius-Users
mailing list