Help: PAP with Sha1

Alan DeKok aland at deployingradius.com
Fri Apr 20 13:39:14 CEST 2012


alan buxey wrote:
> regarding using SHA1 - easy, just ensure that your passwords are stored as SHA1
> objects - the docs say how to do this

  No.  He's changing the *source code* to encrypt the User-Name password
via SHA1, instead of MD5.

  This isn't supported, and will never be supported.

  People who want security should use RADIUS over TLS.  Using SHA1
instead of MD5 is broken and pointless.

  Alan DeKok.


More information about the Freeradius-Users mailing list