On 31-12-18 16:22, Anton Kiryushkin wrote:
In other words, how can I make a different way to authorisation users by per controllers? I found the option virtual_server, but when I read a log I saw that client goes through a dedicated site with an md5-hashed password and after comes back to default site. What is this hash: MD5-Password := 0x6c375752517179667431416e4c4f6462714d365679413d3d I saved in my database other hashed via next script:
#! /usr/bin/perl -w use strict; use Digest::MD5; use MIME::Base64; unless($ARGV[0]){ print "Please supply a password to create a MD5 hash from.\n"; exit; } my $ctx = Digest::MD5->new; $ctx->add($ARGV[0]); print encode_base64($ctx->digest,'')."\n";
That doesn't result in a MD5 hash, but in a base64-encoded MD5 hash. You can replace the last line with: print $ctx->hexdigest."\n"; (Or just use something like `echo -n "secret" | md5sum` in bash)
And passwords hashed in that way are working with VPN-site.
Theoretically, FreeRADIUS will be able to use it as well, after performing a number of operations on it. It's probably easier to check if the VPN-thingy supports the output of hexdigest as well. -- Herwin Weststrate