Using %{User-Password} in sql query for mschapv2

Matthew Newton mcn4 at
Sun Apr 1 19:07:29 CEST 2012

On Sun, Apr 01, 2012 at 03:30:37AM +0200, Oliver wrote:
> I use FreeRADIUS Version 2.1.10 on Debian with OpenVPN and
> xl2tp/openswan and the rlm_sql module. I want to use the user password
> in a sql query in dialup.conf. This works fine with ssh and openvpn
> logins but not with mschapv2. I don't know if the password is really not
> submitted or just not replaced in the sql query.

This question should go to freeradius-users, not -devel.

mschapv2 is challenge-response. You don't get the password in the

> Is there a simple way to make this work?

Depends if you store the password on your system in clear text. If
not, then no.


Matthew Newton, Ph.D. <mcn4 at>

Systems Architect (UNIX and Networks), Network Services,
I.T. Services, University of Leicester, Leicester LE1 7RH, United Kingdom

For IT help contact helpdesk extn. 2253, <ithelp at>

More information about the Freeradius-Devel mailing list