6 Oct
2011
6 Oct
'11
10:37 a.m.
On 06/10/11 14:19, Alex rsm wrote:
I agreed, the EAP message sent from Access Point does not send the password. The client sends the encrypted password. I think I should ask, how FreeRadius can retrieve the password in 802.1x authentication mechanism.
FreeRADIUS can read the password from SQL, LDAP, csv files, or "users"-style files. It can read the plaintext password, or several formats of encrypted password (which must be compatible with the EAP method) See: http://deployingradius.com/documents/protocols/compatibility.html For one specific EAP mechanism (EAP-MSCHAPv2 - possibly inside PEAP) FreeRADIUS can also delegate the password check to a windows AD controller. Is this what you are asking?