attribute for BASE64Encoder
Hi, We are using java BASE64Encoder to encrypt passwords. Which attribute I have to give in the radcheck table for this? I have tried MD5-Password. But it gives the following log Tue Feb 9 18:19:50 2016 : Info: [pap] login attempt with password "password" Tue Feb 9 18:19:50 2016 : Info: [pap] Using MD5 encryption. Tue Feb 9 18:19:50 2016 : Info: [pap] Configured MD5 password has incorrect length Tue Feb 9 18:19:50 2016 : Info: [pap] Passwords don't match Please advice. -- Randeep Mob: +919447831699[kerala] Mob: +919880050349[B'lore] http://twitter.com/Randeeppr http://in.linkedin.com/in/randeeppr [image: --] Randeep Raman [image: http://]about.me/Randeeppr <http://about.me/Randeeppr>
Base64 is not, in any sense, encryption. Nor is MD5 for that matter, which is instead a weak hashing algorithm. Base64 is a way of representing arbitrary binary data in ASCII. At best, it gives you shallow obfuscation, worthless if you expect and desire encryption.
Thanks for the info Nick. Maybe our developer informed us wrong. I'll check with them again. Best regards, Randeep On Tue, Feb 9, 2016 at 7:06 PM, Nick Lowe <nick.lowe@gmail.com> wrote:
Base64 is not, in any sense, encryption. Nor is MD5 for that matter, which is instead a weak hashing algorithm.
Base64 is a way of representing arbitrary binary data in ASCII. At best, it gives you shallow obfuscation, worthless if you expect and desire encryption. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-- Randeep Mob: +919447831699[kerala] Mob: +919880050349[B'lore] http://twitter.com/Randeeppr http://in.linkedin.com/in/randeeppr [image: --] Randeep Raman [image: http://]about.me/Randeeppr <http://about.me/Randeeppr>
Thanks Matthew. On Tue, Feb 9, 2016 at 7:18 PM, Randeep <randeep123@gmail.com> wrote:
Thanks for the info Nick.
Maybe our developer informed us wrong. I'll check with them again.
Best regards, Randeep
On Tue, Feb 9, 2016 at 7:06 PM, Nick Lowe <nick.lowe@gmail.com> wrote:
Base64 is not, in any sense, encryption. Nor is MD5 for that matter, which is instead a weak hashing algorithm.
Base64 is a way of representing arbitrary binary data in ASCII. At best, it gives you shallow obfuscation, worthless if you expect and desire encryption. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-- Randeep Mob: +919447831699[kerala] Mob: +919880050349[B'lore] http://twitter.com/Randeeppr http://in.linkedin.com/in/randeeppr
[image: --] Randeep Raman [image: http://]about.me/Randeeppr <http://about.me/Randeeppr>
-- Randeep Mob: +919447831699[kerala] Mob: +919880050349[B'lore] http://twitter.com/Randeeppr http://in.linkedin.com/in/randeeppr [image: --] Randeep Raman [image: http://]about.me/Randeeppr <http://about.me/Randeeppr>
Hi All, It seems we are using PKCS5. In this case what we can use in place of attribute in radcheck table. Regards, Randeep Thanks Matthew. On Tue, Feb 9, 2016 at 7:18 PM, Randeep <randeep123@gmail.com> wrote:
Thanks for the info Nick.
Maybe our developer informed us wrong. I'll check with them again.
Best regards, Randeep
On Tue, Feb 9, 2016 at 7:06 PM, Nick Lowe <nick.lowe@gmail.com> wrote:
Base64 is not, in any sense, encryption. Nor is MD5 for that matter, which is instead a weak hashing algorithm.
Base64 is a way of representing arbitrary binary data in ASCII. At best, it gives you shallow obfuscation, worthless if you expect and desire encryption. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-- Randeep Mob: +919447831699[kerala] Mob: +919880050349[B'lore] http://twitter.com/Randeeppr http://in.linkedin.com/in/randeeppr
[image: --] Randeep Raman [image: http://]about.me/Randeeppr <http://about.me/Randeeppr>
-- Randeep Mob: +919447831699[kerala] Mob: +919880050349[B'lore] http://twitter.com/Randeeppr http://in.linkedin.com/in/randeeppr [image: --] Randeep Raman [image: http://]about.me/Randeeppr <http://about.me/Randeeppr>
On Tue, Feb 09, 2016 at 06:59:30PM +0530, Randeep wrote:
We are using java BASE64Encoder to encrypt passwords. Which attribute I have to give in the radcheck table for this?
Base64 encoding is not encrypting. You might as well store your passwords in plain text, then rlm_pap will just work. Matthew -- Matthew Newton, Ph.D. <mcn4@le.ac.uk> Systems Specialist, Infrastructure Services, I.T. Services, University of Leicester, Leicester LE1 7RH, United Kingdom For IT help contact helpdesk extn. 2253, <ithelp@le.ac.uk>
participants (3)
-
Matthew Newton -
Nick Lowe -
Randeep