Re: Freeradius and OpenLDAP authentication with hashed passwords
mel wrote:
> A bit clearer now. So you're saying that I should use:
>
> radtest testuser {SHA}... <radiusserver> 0 <secret>
No. The *client* is not the *server*. The client sends a clear-text
password to the server. The server looks up the user in a database, and
(perhaps) finds a SHA hashed password. The server then SHA hashes the
password supplied by the client, and compares it to the SHA password
from the database.
Alan DeKok.
This archive was generated by a fusion of
Pipermail (Mailman edition) and
MHonArc.