On Tue, Apr 27, 2010 at 1:17 AM, John Dennis <jdennis@redhat.com> wrote:
On 04/26/2010 05:33 PM, Eric.Hernandez@allegiantair.com wrote:
I see thats what I thought, I also confirmed its all clear text with
tcpdump.

If I were to switch my backend to an ldap system would I have encrypted
traffic for user authentication with freeradius remote ldap/backend setup?
 
 
Or you could probably tunnel the traffic via SSH or some other encrypted medium.
Given this will add overhead though I don't know to say how much in compared to other solutions,
depending on your deployment I guess.
 
 
 
Regards,
Liran Tal.
 
 
 
 
 
Not currently, but I've got a patch for the 1.1.7 version of rlm_ldap, so it might need some tweaking for 2.x



Also is there a nas/radacct table equivalent in the ldap solution or is
it strictly for user authentication?

Not currently, but I've got a patch for the 1.1.7 version of rlm_ldap, so it might need some tweaking for 2.x

FWIW, I don't have extra cycles at the moment.

BTW, patching rlm_sql_mysql to use SSL wouldn't be hard.


--
John Dennis <jdennis@redhat.com>

Looking to carve out IT costs?
www.redhat.com/carveoutcosts/
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html