Hello, I have implemented an embedded client that sends authentication requests either with User-Password (Attr Type 2) or CHAP-Password (Attr Type 3). This works perfectly, the requests are accepted or rejected from FreeRadius. 1. But how is User-Password (Attr Type 2) declared? Is this PAP? It don't seems so, since in all descriptions PAP means plain text, and the User-Password is MD5'ed with random authenticator and shared secret. How to label this authentication for the client user? 2. When I use CHAP-Password (Attr Type 3) in the request it works without problems. But shouldn't this attribute part of a Challenge Response? How can I activate that? Since I wrote my own client, I want a clean implementation and make no mistakes. Best Regards, Peter - ------------------ Moving Bytes Communications, Systementwicklung GmbH Geschäftsführer Peter Sprenger Carl-Sutor-Str.26 D-50226 Frechen Germany Registergericht: Amtsgericht Köln, HRB 30047 Ust-IDNr.: DE195140727 Tel.: +49/2234/430-9207 Fax.: +49/2234/430-9205 Email: sprenger@moving-bytes.de http://www.moving-bytes.de
On May 5, 2017, at 1:09 PM, Peter Sprenger <sprenger@moving-bytes.de> wrote:
I have implemented an embedded client that sends authentication requests either with User-Password (Attr Type 2) or CHAP-Password (Attr Type 3). This works perfectly, the requests are accepted or rejected from FreeRadius.
1. But how is User-Password (Attr Type 2) declared?
This isn't really the place to ask RADIUS protocol questions. I suggest reading RFC 2865, and the FreeRADIUS code. Between the two, all of these questions should be answered. Alan DeKok.
participants (2)
-
Alan DeKok -
Peter Sprenger