Hi, Herwin. Yes, I’ve tried your suggestion as well, and it doesn't work. On Mon, 31 Dec 2018 at 15:32, Herwin Weststrate <herwin@quarantainenet.nl> wrote:
On 31-12-18 16:22, Anton Kiryushkin wrote:
In other words, how can I make a different way to authorisation users by per controllers? I found the option virtual_server, but when I read a log I saw that client goes through a dedicated site with an md5-hashed password and after comes back to default site. What is this hash: MD5-Password := 0x6c375752517179667431416e4c4f6462714d365679413d3d I saved in my database other hashed via next script:
#! /usr/bin/perl -w use strict; use Digest::MD5; use MIME::Base64; unless($ARGV[0]){ print "Please supply a password to create a MD5 hash from.\n"; exit; } my $ctx = Digest::MD5->new; $ctx->add($ARGV[0]); print encode_base64($ctx->digest,'')."\n";
That doesn't result in a MD5 hash, but in a base64-encoded MD5 hash. You can replace the last line with:
print $ctx->hexdigest."\n";
(Or just use something like `echo -n "secret" | md5sum` in bash)
And passwords hashed in that way are working with VPN-site.
Theoretically, FreeRADIUS will be able to use it as well, after performing a number of operations on it. It's probably easier to check if the VPN-thingy supports the output of hexdigest as well.
-- Herwin Weststrate - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-- Best regards, Anton Kiryushkin