Authentication password used by client

Alan Buxey A.L.M.Buxey at lboro.ac.uk
Mon Sep 14 11:10:46 CEST 2009


Hi,

> Thanks for the answer.
> 
> Wireshark tells me
> 
> AVP: l=18 t=User-Password(2): Encrypted
> 
> According to your list it should be PAP, but PAP does not encrypt the
> passwords. Looking in the byte stream, I cannot find the configured
> password. So I have doubts that it's really PAP.

huh? PAP is plain text authentication - sure. but RADIUS uses shared
secrets between the NAS and the server - and the password is one
of the entities that will get a little bit of help witht his.

read a basic RADIUS book or the set of RFCs and it will tell you this.

however, this is not strong encryption...and methods that use challenge
response (eg MSCHAP) are recommended if you have worries about passwords
whizzing across the network.

alan



More information about the Freeradius-Users mailing list