12 Apr
2007
12 Apr
'07
7:33 a.m.
Arran Cudbard-Bell wrote:
What was Cleartext-Password introduced for ?
Because putting "User-Password" in the "users" file was wrong. User-Password is an attribute that goes in an Access-Request. Cleartext-Password does not go in any packet. Instead, is an internal server configuration, that tells the server what the users "known good" password is. The server then uses Cleartext-Password to compare to User-Password for PAP. Or, it hashes Cleartext-Password for CHAP. Or, it hashes it a different way for MS-CHAP.
To support the output of the Auto header function in pap / ldap ?
Partially, yes. Alan DeKok. -- http://deployingradius.com - The web site of the book http://deployingradius.com/blog/ - The blog