Silly question - secure Radius?

Stefan.Neis at Stefan.Neis at
Thu Jul 7 15:31:14 CEST 2005

Shawn Kennedy schrieb:

> Sure, you can use a 
> Shared Secret and the password is sent with a 
> MD5 hash, but is there anything better?

Sure, you can use the CHAP protocol or EAP protocols
for authenticating, then no password needs to be
send to the RadiusServer  (instead, you get a challenge
and your computer locally uses your password to compute
a response, the RadiusServer gets challenge, respones 
and does the same computation to  verify the password
and nothing is transferred over the net which allows to
obtain the password).


More information about the Freeradius-Users mailing list