Proxy-tester nagios check for Freeradius

Fekete Tamás fektom at gmail.com
Wed Feb 6 09:31:29 CET 2019


Thank you!
It solved all my further questions.

Alan DeKok <aland at deployingradius.com> ezt írta (időpont: 2019. febr. 5.,
K, 14:01):

> On Feb 5, 2019, at 5:58 AM, Fekete Tamás <fektom at gmail.com> wrote:
> >
> > I would like to make a proxy-tester Nagios check for Freeradius and would
> > like to ask some help for debugging as I experience some problem with
> using
> > eapol_test.
> >
> > The design is that a user wants to authenticate at realm "A" with
> > credentials stored at realm "B".
> > The infrastructure already set up for proxying based on the realm names
> and
> > the Access-Requests are do forwarded.
>
>   OK...
>
> > I tried this proxy scenario with radtest. And with radtest it works.
> >
> > However, I have some questions regarding this developer work.
> > Maybe you can help me.
> >
> > The first is: is it true, that radtest doesn't encrypt it's messages so
> > proxy requests will contain the password in a recoverable manner?
>
>   The User-Password attribute is protected "on the wire".  The passwords
> are recoverable, because the home server has to check them.
>
>   See RFC 2865 Section 5.2 for more information.
>
>   Alan DeKok.
>
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html


More information about the Freeradius-Users mailing list