On Tue, Sep 27, 2011 at 4:25 PM, snan4love <snan4love@hotmail.com> wrote:
Here is a first little problem.Right now i could add and delete user in the radcheck table of MySQL,but all the passwords were stored in cleartext?
Depending on which tutorial you follow, yes.
is this the only way to store this password?
Nope
is it safe enough?
Depends. See faq, start from http://wiki.freeradius.org/FAQ#PAP+authentication+works+but+CHAP+fails You should be able to store passwords as NT-Password instead of Cleartext-Password if you only use pap and chap. Considering your level of knowledge, I don't recommend doing so at this stage though.
is it could be store in the format of ****** like what we set in the wpa-psk mode?
Just because you can't SEE it (i.e. *****) doesn't mean windows or the AP store it in encrypted format. So your question is not relevant.
Most Seriously, I am confused how to implement the "Authority Step" and "Accounting Step". For the "Authority Step",in my thought, I should create several different GROUPs, each GROUP has different authority,and then divide the users into different GROUPs and get different authority. Is that correct? For the "Accounting Step",i used DaloRadius,but found out there are few help for this web base management system online, and the MANUAL will cost $250.
Sorry, your question makes me confused. At this moment I suggest you write which tutorial/manual you're following, and ask the author/community list/forums.
For example, there are 9 tables in the defalut mysql scheme, like radcheck,radacct,nas,radgroup,radgroupreply etc, is there a document to describe these features?
Start with doc/rlm_sql. The docs are there for a purpose you know. -- Fajar