On 16 May 2013, at 09:27, Sergii Bieliaievskyi <s.bieliaievskyi@sethq.com> wrote:
2013/5/16 Alan DeKok <aland@deployingradius.com> Sergii Bieliaievskyi wrote:
This is so frustrating :( How it can be possible to do strong security using reliable passwords and to have no encryption in the same time.
I think you misunderstand the issues.
OTP passwords were created so that it doesn't *require* that the password be hidden.
Systems like MSCHAP were created so that the passwords could be used many times, because they're hashed.
The two systems are *designed* to be incompatible.
But only ms-chap supports data encryption. I want to use OTP and MPPE simulteniosly. But MPPE without ms-chap cann`t exist. Am I right?
What are you actually trying to use this with? 802.1X/WPA2-Enterprise or for VPN authentication. Arran Cudbard-Bell <a.cudbardb@freeradius.org> FreeRADIUS Development Team