Hello Please I have a challenge encrypting passwords using md5 in MySQL database for radius users. When I do a radtest like this: radtest test password localhost 0 key for user test with md5(password) in MySQL database it is successful. However when do this : radtest -t mschap testmd5 password localhost 0 key, I get MS-CHAP Error Sending delayed reject for request 0 Sending Access-Reject of id 143 to 127.0.0.1 port 55008 MS-CHAP-Error = "\000E=691 R=1" I read online,it is not possible to do md5 with MS-CHAP. I don't want to save users passwords in clear text. How can I achieve encrypting user's passwords in MySQL database. I have Freeradius2.1.12 installed. Please I will be grateful for suggestions. I have the following in modules #### /etc/raddb/modules/pap ### pap { auto_header = yes encryption_scheme = md5 } #### /etc/raddb/modules/mschap ### mschap { use_mppe = yes require_encryption = yes } Any help will be very much appreciated Thank You ---- Pamela Pomary ICTD, University of Ghana.
On 16/03/12 16:14, pamela pomary wrote:
I read online,it is not possible to do md5 with MS-CHAP. I don't want to
This is correct.
save users passwords in clear text. How can I achieve encrypting user's passwords in MySQL database. I have Freeradius2.1.12 installed. Please I will be grateful for suggestions.
To do MSCHAP, you MUST store either the plaintext password, or the NT hash (MD4 of little-endian UTF-16 form password) See here: http://deployingradius.com/documents/protocols/compatibility.html
participants (2)
-
pamela pomary -
Phil Mayers