Help: PAP with Sha1
A.L.M.Buxey at lboro.ac.uk
Fri Apr 20 14:08:02 CEST 2012
> Thanks for the mail Alan. I don't agree with your comment that it is *not*
> RADIUS if we choose SHA1 over MD5. RADIUS supports SHA1 hashed
> user-password attribute. Following link confirms it.
are you talking about changing user passwords (as i first assumed) or are you talking
about changing the way RADIUS packets are passed (as Alan mentioned)?
if the former, then no code changes are needed on the server...it takes SHA1 fine.
it you are talking about doing SHA1 for the shared secret - which then encrypts the
payload for passwords access-requests - then thats playing with RADIUS specification...
and if you are thinking of doing that then I'd say STOP and use RADSEC instead.
More information about the Freeradius-Users