freeRadius seems to have a 32 character limit on the length of the shared-secret. Is there any way to override that or use a longer shared-secret? -Travis
Hi,
freeRadius seems to have a 32 character limit on the length of the shared-secret. Is there any way to override that or use a longer shared-secret?
there have been discussions about this in the past. at the time, common length was 16 char.... 32 is big..and with Message-Authenticator added into the mix you can get quite secure... but if you are being paranoid then RADIUS o/ TLS (aka RADSEC) is the way to go.... FR doesnt yet do RADSEC natively - RADSecProxy would be the answer... you you could think that XOR is still safe with bigger numbers..in which case, changes could be made...but that presumes that other RADIUS servers which can TAKE longer secrets actually honour those lengths and dont just truncate them alan
So you're saying that new versions of freeRadius (2.1.10) has support for longer shared-secrets? Do you know what the maximum length is now? -Travis From: freeradius-users-bounces+tdimmig=impulse.com@lists.freeradius.org [mailto:freeradius-users-bounces+tdimmig=impulse.com@lists.freeradius.org] On Behalf Of Alan DeKok Sent: Tuesday, February 01, 2011 3:45 AM To: FreeRadius users mailing list Subject: Re: shared-secret Travis Dimmig wrote:
freeRadius seems to have a 32 character limit on the length of the shared-secret.
No. If you're seeing that, either the documentation is out of date, or you're using a ~10 year-old version of the server. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html ________________________________________ No virus found in this message. Checked by AVG - www.avg.com Version: 10.0.1204 / Virus Database: 1435/3416 - Release Date: 02/01/11
participants (3)
-
Alan Buxey -
Alan DeKok -
Travis Dimmig