11 Jul
2012
11 Jul
'12
8:21 a.m.
Hi,
is there a way to securely transport and store the Username/Password with freeradius? If I am informed correctly, you can use PEAP to ensure that the data is encrypted but the most supported PEAP mode is with MSCHAPv2 which implies that the passwords are stored in clear text or NT-Hash.
....PEAP will securely transport things - as with MSCHAPv2 the password is never sent. whether the passwords are stored in plain/nt-has format is down to how you are doing things.. if they are stored in AD then they are not stored in a plain format. alan