Hi Alan,

This is me again asking for help and you are here to help. So you think that plain text is not unsecure? I was thinking about it and if my SQL system is secure, so my tables will be secure too. But, when a client sends a package in my network, someone else can see this with a spoofing software?

So using version 1.1.4 I could not compile it to use MySQL. It always says that there is no rlm_sql library. I tryied many times, but nothing... Unfurtunately the documentation is mostly useless or spare...

Thank you for your time.

Alan DeKok escreveu:
Nataniel Klug wrote:
  
    Into radcheck table I have:

mysql> SELECT * FROM radcheck;
+----+----------+----------------+----+----------------------------------+
| id | UserName | Attribute      | op | Value                            |
+----+----------+----------------+----+----------------------------------+
|  1 | teste    | Crypt-Password | == | 42cbf4730aeac1d645324d4818104826 |
+----+----------+----------------+----+----------------------------------+
    

  Use ':=', not '=='.  See the rlm_sql documentation for why.

  
    The password was encrypted using PHP MD5 command and should be 8872. 
But when I use a radtest command the respose of my Radius is:
    

  Hmm.. Crypt-Password is for Unix crypt'd passwords, not MD5 hashed
passwords.

  
    I made the same in debug mode and radius just not get the password. 
I think it is not testing the 8872 password to see if it matches de MD5 
crypt. I tryed with "42cbf4730aeac1d645324d4818104826" as a password and 
it returned OK for the request. How can I do this work? I need that into 
MySQL table I have a crypted password (for security reasons)
    

  I disagree, but that's another story.

  
and I need 
that my clients can put a simple text password.
    

  In 1.1.4, you can put this into SQL:

Password-With-Header := "{md5}42cbf4730aeac1d645324d4818104826"

  That should work with the default config.

  Alan DeKok.
--
  http://deployingradius.com       - The web site of the book
  http://deployingradius.com/blog/ - The blog
- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

  

-- 
Att,

NATANIEL KLUG
nata@cnett.com.br


Cyber Nett - Internet Banda Larga
www.cnett.com.br
(42) 3635-2957
Rua Diogo Pinto, 1046, Centro
Laranjeiras do Sul - PR
Brasil - 85301-290