Secure Storage and Transport of User Credentials
Marco Macala
marco.macala at gmail.com
Wed Jul 11 14:37:35 CEST 2012
The problem is, that I do not trust the network and I don't want to store
the password in plain.
Also, isn't the NT Hash insecure beacuse it is easily cracked? Or am i
mixing things up?
2012/7/11 alan buxey <A.L.M.Buxey at lboro.ac.uk>
> Hi,
>
> > is there a way to securely transport and store the Username/Password
> with
> > freeradius?
> > If I am informed correctly, you can use PEAP to ensure that the data
> is
> > encrypted but the most supported PEAP mode is with MSCHAPv2 which
> implies
> > that the passwords are stored in clear text or NT-Hash.
>
> ....PEAP will securely transport things - as with MSCHAPv2 the password is
> never sent.
>
>
> whether the passwords are stored in plain/nt-has format is down to how you
> are doing things..
> if they are stored in AD then they are not stored in a plain format.
>
> alan
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20120711/ca1066ac/attachment.html>
More information about the Freeradius-Users
mailing list