20 Apr
2012
20 Apr
'12
7:39 a.m.
alan buxey wrote:
regarding using SHA1 - easy, just ensure that your passwords are stored as SHA1 objects - the docs say how to do this
No. He's changing the *source code* to encrypt the User-Name password via SHA1, instead of MD5. This isn't supported, and will never be supported. People who want security should use RADIUS over TLS. Using SHA1 instead of MD5 is broken and pointless. Alan DeKok.