Silly question - secure Radius?

Alan DeKok aland at
Fri Jul 8 01:56:35 CEST 2005

"Shawn Kennedy" <shawnlkennedy at> wrote:
> Thanks for the heads up.  Wasn't aware of such a thing.
> I briefly looked at CHAP, but abandoned it for the 
> obvious reasons.  Looking into EAP-TLS, but don't
> have a PKI infrastructure set up yet.

  EAP-TTLS or PEAP don't require client certs, only server certs.

> Just as a side question, is this sort of thing
> on FreeRadius's radar screen?

  radsec?  It addresses the server->server problem, not the supplicant
login problem.

  Sure, it's on the radar, but so far there hasn't been much
*practical* interest in implementing it.

  Alan DeKok.

More information about the Freeradius-Users mailing list