6 Feb
2015
6 Feb
'15
8:49 a.m.
On Feb 6, 2015, at 8:41 AM, Jonathan Gazeley <Jonathan.Gazeley@bristol.ac.uk> wrote:
I want to add some test user accounts that can be authenticated through EAP but use a flat file rather than ntlm_auth. What's the recommended way of handling this without harming the performance of the majority of the users who will not appear in the users file?
Put the special users in the “users” file. Then, be sure that they’re not using ntlm_auth: bob Cleartext-Password := “hello”, MS-CHAP-Use-NTLM-Auth := no The “users” file puts entries into a binary tree. So it’s fast. The performance hit (if any) will be negligible compared to the cost of doing SSL. The RSA calculations need for SSL are *slow*. Alan DeKok.