Plain text shared secrets problematic?

Alan DeKok aland at
Mon Apr 2 14:46:31 CEST 2012

Heilz wrote:
> Thanks for the quick answer.
> Yes, the RADIUS secret was what I meant.
> Since we want to use a freeRADIUS proxy in our DMZ and because a secure
> connection from our customers to our application is important, that seems to
> be a problem. Are there maybe some best practices for a case like that, or
> isn't the plain-text secret such an issue after all?

  (a) use a plain-text secret

  (b) install the git "master" branch, and use RadSec.

  (c) use IPSec for connectivity

  There are no other choices.

  Alan DeKok.

More information about the Freeradius-Users mailing list