Support for other hash (like MD5, SHA1) using MSCHAPv2

Brivaldo Junior brivaldo.junior at
Thu Feb 3 18:10:07 CET 2011

> string, known as the "CHAP challenge", and the client sends back a 
> hash
> of (challenge + password). This hashed value is only of use to you if

 after I read a little of MSCHAP RFC, I understand this.

> already know the cleartext password, because you can calculate the 
> hash
> of (same challenge + expected password) and see if you get the same
> value, and so decide if the user knows the correct password. But you
> can't use the CHAP response to login to anything else. You can't even

 Thanks for support, I spend some hours, but I really learn more, and 
 this is a good

 Brivaldo Jr

More information about the Freeradius-Devel mailing list