Hi, I have freeradius using ldap DS for aaa. my radius supports vpn users and uses PAP. what is the best way for secure user_passwords in connections?
Zahra Bahar wrote:
I have freeradius using ldap DS for aaa. my radius supports vpn users and uses PAP. what is the best way for secure user_passwords in connections?
Connections to what? The protocols are already designed to be secure. Don't worry about it. Alan DeKok.
I mean in this connections using PAP, user-password is clear-txt. (using chap makes ldap server not to use encryption passwords in DS therefore I want to use PAP). isn't it unsecure?
Zahra Bahar wrote:
I mean in this connections using PAP, user-password is clear-txt.
No. It's encrypted when it's sent over the network in RADIUS, and if you use SSL to talk to LDAP, it's encrypted there, too.
(using chap makes ldap server not to use encryption passwords in DS therefore I want to use PAP). isn't it unsecure?
No. Alan DeKok.
participants (2)
-
Alan DeKok -
Zahra Bahar