Silly question - secure Radius?
Shawn Kennedy
shawnlkennedy at lucent.com
Thu Jul 7 20:12:41 CEST 2005
> -----Original Message-----
> From: aland at nitros9.org [mailto:aland at nitros9.org]On Behalf Of Alan
> DeKok
> Sent: Thursday, July 07, 2005 12:36 PM
> To: shawnlkennedy at lucent.com; FreeRadius users mailing list
> Subject: Re: Silly question - secure Radius?
>
>
> "Shawn Kennedy" <shawnlkennedy at lucent.com> wrote:
> > I am just getting started with setting up
> > Radius, and with the reading I've done (mostly
> > with the O'Reilly book), it seems that Radius
> > in itself is insecure. Sure, you can use a
> > Shared Secret and the password is sent with a
> > MD5 hash, but is there anything better?
>
> "radsec", which Radiator just came out with.
>
> I've taken a quick look at it, but I don't think it will be easy to
> implement inside of the current server. Adding it via an external
> program should be relatively trivial, though.
Hi Alan,
Thanks for the heads up. Wasn't aware of such a thing.
I briefly looked at CHAP, but abandoned it for the
obvious reasons. Looking into EAP-TLS, but don't
have a PKI infrastructure set up yet.
Just as a side question, is this sort of thing
on FreeRadius's radar screen?
Thanks again,
Shawn
More information about the Freeradius-Users
mailing list