On 30.06.23 13:26, Alan DeKok wrote:
On Jun 30, 2023, at 6:46 AM, Michael Schwartzkopff via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
I am trying to use a hased password, but I get the error:
pap: ERROR: SHA1 digest does not match "known good" digest
from the eap_gtc module.
According to the compatibility matrix this should work. Hmm, yes. It should work.
I do this:
update control { &SHA1-Password := "%{sha1:hello}" } pap.authenticate ...
Thanks. That solved the problem. I calculated the SHA sum for my password incorrect. Next question: How can I define a salted hash password in the users file? I did not find anything useful in the docs. openssl passwd -5 -salt salt hello $5$salt$ZYXsK0pxpaRWBUweKuToC90TC/15c9Iz8u3SGLTaS4D How can I enter this string as password in FR? What attribute do I assign it? The Password-With-Header complains, because there is no {...} header. SSHA-Password? Will FR interpete $5$salt$.... correctly? Michael