Support for other hash (like MD5, SHA1) using MSCHAPv2

Alan DeKok aland at
Wed Feb 2 16:21:19 CET 2011

Brivaldo Junior wrote:
>   We use OpenLDAP here, and have many users with many fields
>  userPassword each one with one hash like, MD5, SHA1, SSHA, SMD5 and
>  others. Using PAP, work perfect,
>  but, we want to use MSCHAPv2 because work with simple conf (thinking on
>  user side) on Windows, MacOSX and sometimes Linux too.

>    Our idea is to get ClearText decoded on MSCHAP connection (get this
> information) and encode using OpenSSL (same
> form used on PAP) to check if hashes are the same of which were obtained
> from OpenLDAP.

  It's impossible.

  Alan DeKok.

More information about the Freeradius-Devel mailing list