Phillip Smith wrote:
My problem: I'm strongly against storing passwords in clear text so I want the passwords in PostgreSQL to be MD5 or SHA1 hashed.
Probably salted.
Everything I've read through Google seems to be indicating that for any form of encryption to work between the client and server, that the database has to use clear text passwords.
No. http://deployingradius.com/documents/protocols/compatibility.html
I have successfully got the FreeRADIUS + PostgreSQL combination working with clear text, but I can not make the move to hashed passwords.
1) It what I am trying to do possible?
Yes.
2) If so, is it possible without any significant drawbacks?
It limits your ability to use different authentication protocols.
3) Any pointers in the right direction to how to achieve what I am after?
See "man rlm_pap". You can use the "auto-header" thing, or just use MD5-Password directly: # "users" file entry: bob MD5-Password := 0x12345... # Alan DeKok.