<html><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; ">
<br><div><div>Am 26.05.2008 um 16:00 schrieb Nicolas Goutte:</div><br class="Apple-interchange-newline"><blockquote type="cite"> <br><div><div>Am 26.05.2008 um 15:41 schrieb Matt Ashfield:</div><br class="Apple-interchange-newline"><blockquote type="cite"> <div class="Section1"><p class="MsoNormal">Hi,<o:p></o:p></p><p class="MsoNormal"><o:p> </o:p></p><p class="MsoNormal">We’re looking into using PEAP with MSChapV2, instead of PAP (don’t want to use the SecureW2 client anymore) so are investigating ways to store the password in LDAP.<o:p></o:p></p><p class="MsoNormal"><o:p> </o:p></p><p class="MsoNormal">According to <a href="http://deployingradius.com/documents/protocols/compatibility.html">http://deployingradius.com/documents/protocols/compatibility.html</a> ,the options are storing the password in Clear-Text or in an NT Hash (ntlm_auth). <o:p></o:p></p><p class="MsoNormal"><o:p> </o:p></p><p class="MsoNormal">In talking with our LDAP people, I was told the following:<o:p></o:p></p><p class="MsoNormal"><span style="font-family:"Courier New"">SunOne does not support nt-hash passwords. Supported formats are CLEAR, CRYPT, DES, NS-MTA-MD5 (Netscape MD5), SHA, and SSHA. <br> <br> Fedora Directory Server 1.1.0 supports CLEAR, CRYPT, DES, MD5, NS-MTA-MD5, SHA, SHA256, SHA384, SHA512, SSHA, SSHA256, SSHA384, and SSHA512.<o:p></o:p></span></p><p class="MsoNormal"><o:p> </o:p></p><p class="MsoNormal"><o:p> </o:p></p><p class="MsoNormal">It sounds to me like if we want to do PEAP/MSChapV2 we’d have to store the password in cleartext? I would just like to verify this via this list.</p></div></blockquote><div><br></div><div>Yes, not any of the formats is NT Hash.</div><div><br></div><div>(NT Hash is the MD4 hash of the UTF-16LE encoding of the password.)</div></div></blockquote><div><br></div><div>I have forgotten: as NT-Hash under Linux is "handled" by Samba, you should check in that direction too, e.g. smbpasswd.</div><br><blockquote type="cite"><div><br><blockquote type="cite"><div class="Section1"><p class="MsoNormal"><o:p></o:p></p><p class="MsoNormal"><o:p> </o:p></p><p class="MsoNormal">Any advice is appreciated.<o:p></o:p></p><p class="MsoNormal"><o:p> </o:p></p><p class="MsoNormal">Thanks</p></div></blockquote><div><br></div><div>Have a nice day!</div><br><blockquote type="cite"><div class="Section1"><p class="MsoNormal"><o:p></o:p></p><p class="MsoNormal"><o:p> </o:p></p><p class="MsoNormal">Matt<o:p></o:p></p><p class="MsoNormal"><a href="mailto:mda@unb.ca">mda@unb.ca</a><o:p></o:p></p><p class="MsoNormal"><o:p> </o:p></p> </div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">-</div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">List info/subscribe/unsubscribe? See <a href="http://www.freeradius.org/list/users.html">http://www.freeradius.org/list/users.html</a></div> </blockquote></div><br><div> <span class="Apple-style-span" style="border-collapse: separate; border-spacing: 0px 0px; color: rgb(0, 0, 0); font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; text-align: auto; -khtml-text-decorations-in-effect: none; text-indent: 0px; -apple-text-size-adjust: auto; text-transform: none; orphans: 2; white-space: normal; widows: 2; word-spacing: 0px; "><div>Nicolas Goutte</div><div><br class="khtml-block-placeholder"></div><div> </div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">extragroup GmbH - Karlsruhe</div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">Waldstr. 49</div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">76133 Karlsruhe</div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">Germany</div><div> </div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">Geschäftsführer: Stephan Mönninghoff, Hans Martin Kern, Tilman Haerdle</div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">Registergericht: Amtsgericht Münster / HRB: 5624</div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">Steuer Nr.: 337/5903/0421 / UstID: DE 204607841</div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><br class="khtml-block-placeholder"></div><br class="Apple-interchange-newline"></span> </div><br></blockquote></div><br><div> <span class="Apple-style-span" style="border-collapse: separate; border-spacing: 0px 0px; color: rgb(0, 0, 0); font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; text-align: auto; -khtml-text-decorations-in-effect: none; text-indent: 0px; -apple-text-size-adjust: auto; text-transform: none; orphans: 2; white-space: normal; widows: 2; word-spacing: 0px; "><div>Nicolas Goutte</div><div><br class="khtml-block-placeholder"></div><div> </div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">extragroup GmbH - Karlsruhe</div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">Waldstr. 49</div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">76133 Karlsruhe</div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">Germany</div><div> </div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">Geschäftsführer: Stephan Mönninghoff, Hans Martin Kern, Tilman Haerdle</div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">Registergericht: Amtsgericht Münster / HRB: 5624</div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">Steuer Nr.: 337/5903/0421 / UstID: DE 204607841</div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><br class="khtml-block-placeholder"></div><br class="Apple-interchange-newline"></span> </div><br></body></html>