29 Apr
2008
29 Apr
'08
10:10 a.m.
Riccardo Veraldi wrote:
I used wireshark to sniff communication between my radisu server and the user-password attribute is encrypted
Yes... go read the RFC's. This is what's supposed to happen. We're already aware of it.
to test if this is strong enough I wanted to ask if there is a way to decrypt this user-password attribute since my radisu server is doign proxy to other radius server.
Huh? If you have a shared secret with the NAS, the proxy will automatically decrypt it. There's nothing more that you need to do.
my question is how much is risky to have user-passsword attribute travellign across the network ? is the encryption applyed to the user-password strong enough ?
It's good enough for most people. Alan DeKok.