On 05/29/2012 09:49 AM, val john wrote:
Hi..
i have freeradius that uses LDAP authentication password in md5 format
and have ubuntu client that users WPA supplicant with following details,
Authentication : Tunneled TLS CA certificate : ca.pem Inner Authentication : PAP
Then the username and password ,
because im using CA certificate(ca.pem) of the radius in the client side , server and client communication should be secure ...correct me if im worng..
i just want to know , is these details are secure to send password via network , because when i ran radius in debug mode i can see the password in clear text.
Of course, TLS encryptes/decryptes at the socket level, FreeRADIUS is seeing the data after it's read off the socket. -- John Dennis <jdennis@redhat.com> Looking to carve out IT costs? www.redhat.com/carveoutcosts/