21 Jul
2006
21 Jul
'06
7:28 a.m.
Mircea Harapu wrote:
PAP sends the following radius request:
User-Name = "Someuser" User-Password = "somepassword"
HOWEVER, the User-Password field in a radius packet is defined by RFC to be encrypted with the radius shared secret.
The pam_radius_auth is sending User-Password without beeing encrypted . I have set the same shared secret in /etc/raddb/server and clients.conf
I believe you are incorrect. Have you looked at the actual packets on the wire with a sniffer? Remember, when FreeRadius displays the packet, it has already decrypted it so of course you will see it in the clear in the FR debug output and logs.