Hi, Chen.<br>
<br>
There is ongoing discussion on this topic :<br>
<br>
<a href="http://lists.freeradius.org/pipermail/freeradius-users/2005-October/047606.html">http://lists.freeradius.org/pipermail/freeradius-users/2005-October/047606.html</a><br><br>
You might also want to check this, for information related to digest authentication with RADIUS and LDAP :<br>
<br>
<a href="http://www-rocq.inria.fr/who/Philippe.Sultan/Asterisk/asterisk_sip_external_authentication.html">http://www-rocq.inria.fr/who/Philippe.Sultan/Asterisk/asterisk_sip_external_authentication.html</a><br>
<br>
Bye,<br>
<br>
Philippe<br>
<br><div><span class="gmail_quote">On 10/12/05, <b class="gmail_sendername">Cheng Zhang</b> <<a href="mailto:czhang.cmu@gmail.com">czhang.cmu@gmail.com</a>> wrote:</span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
I have setup SER to authenticate via FreeRADIUS with MSSQL DB. The SIP<br>proxy (SER) use digest authentication to authenticate with FreeRADIUS<br>server. This way the user's password is stored as cleartext in the<br>database. I'd like to know is there a way to make such setup using
<br>hashed password (just MD5 or HA1)?<br>I asked this question on SER's mailing list, but seems cleartext<br>password is the only way to do digest authentication with FreeRADIUS.<br>After reading through RFC2617 and draft-ietf-radext-digest-auth-04,
<br>seems to me that if Digest-Algorithm attribute in RADIUS packet is<br>'MD5-sess', there is a Digest-HA1 attribute might be useful for my<br>purpose. Is there any options to tweak FreeRADIUS's digest<br>authentication mode, something like 'auth_type' or 'encrypt_method'
<br>for MSCHAP or other authentication methods?<br>Thanks.<br><br>-<br>List info/subscribe/unsubscribe? See <a href="http://www.freeradius.org/list/users.html">http://www.freeradius.org/list/users.html</a><br></blockquote>
</div><br>