On Tue, Apr 27, 2010 at 1:17 AM, John Dennis <jdennis@redhat.com> wrote:
On 04/26/2010 05:33 PM, Eric.Hernandez@allegiantair.com wrote:
I see thats what I thought, I also confirmed its all clear text with tcpdump.
If I were to switch my backend to an ldap system would I have encrypted traffic for user authentication with freeradius remote ldap/backend setup?
Or you could probably tunnel the traffic via SSH or some other encrypted medium. Given this will add overhead though I don't know to say how much in compared to other solutions, depending on your deployment I guess. Regards, Liran Tal.
Not currently, but I've got a patch for the 1.1.7 version of rlm_ldap, so it might need some tweaking for 2.x
Also is there a nas/radacct table equivalent in the ldap solution or is it strictly for user authentication?
Not currently, but I've got a patch for the 1.1.7 version of rlm_ldap, so it might need some tweaking for 2.x
FWIW, I don't have extra cycles at the moment.
BTW, patching rlm_sql_mysql to use SSL wouldn't be hard.
-- John Dennis <jdennis@redhat.com>
Looking to carve out IT costs? www.redhat.com/carveoutcosts/ - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html