Confused what to do next~How to understand FreeRadius
Fajar A. Nugraha
list at fajar.net
Tue Sep 27 12:10:39 CEST 2011
On Tue, Sep 27, 2011 at 4:25 PM, snan4love <snan4love at hotmail.com> wrote:
> Here is a first little problem.Right now i could add and delete user in the
> radcheck table of MySQL,but all the passwords were stored in cleartext?
Depending on which tutorial you follow, yes.
> is
> this the only way to store this password?
Nope
> is it safe enough?
Depends. See faq, start from
http://wiki.freeradius.org/FAQ#PAP+authentication+works+but+CHAP+fails
You should be able to store passwords as NT-Password instead of
Cleartext-Password if you only use pap and chap. Considering your
level of knowledge, I don't recommend doing so at this stage though.
> is it could be
> store in the format of ****** like what we set in the wpa-psk mode?
Just because you can't SEE it (i.e. *****) doesn't mean windows or the
AP store it in encrypted format. So your question is not relevant.
>
> Most Seriously, I am confused how to implement the "Authority Step" and
> "Accounting Step".
> For the "Authority Step",in my thought, I should create several different
> GROUPs, each GROUP has different authority,and then divide the users into
> different GROUPs and get different authority. Is that correct?
> For the "Accounting Step",i used DaloRadius,but found out there are few help
> for this web base management system online, and the MANUAL will cost
> $250.
Sorry, your question makes me confused. At this moment I suggest you
write which tutorial/manual you're following, and ask the
author/community list/forums.
> For example, there are 9 tables in the defalut mysql scheme, like
> radcheck,radacct,nas,radgroup,radgroupreply etc, is there a document to
> describe these features?
Start with doc/rlm_sql. The docs are there for a purpose you know.
--
Fajar
More information about the Freeradius-Users
mailing list