OS / Protocol Compatibility

Brian Julin BJulin at clarku.edu
Fri Apr 7 21:39:48 CEST 2017


David Teston wrote:
> Where can I find a protocol compatibility matrix for each OS?

Haven't seen one.  Really we need some bored retiree to start a beer money
kickstarter to test and maintain giant compatibility tables, not just for this, but
for all the nuances of wifi chipsets.

> Also, can we prioritize the protocols? Since PAP is the least secure, I'd
> like clients to try the other protocols and use PAP as the last option.

Generally supplicants are configured to use one specific protocol, not a
fallback list.  Most servers are configured to offer only one protocol to
a specific class of clients.

PAP should only be used when confined to unsniffable internal administrative
networks... there's no good reason to use it elsewhere as all it will do
is expose your user's passwords, which is worse than having no password
security at all.






More information about the Freeradius-Users mailing list