MSCHAPv2, MySQL, Freeradius

Dan Russell dan at in-house.com.au
Mon Oct 3 02:50:06 CEST 2005


>"Dan Russell" <dan at in-house.com.au> wrote:
>> Is there a way in which I can have encrypted passwords in the mysql
>> database and use MSCHAPv2 to authenticate users?
>
>  If they're NT hashed, yes.  Otherwise, no.
>
>> If I used a third party tool like mkntpwd to create NT Hashes, could
I
>> put premade hashes in the database and use them to authenticate
>
>  Yes.
>

Is there any specific config change I would need to make to enable this?

>> or would rlm_mschap encrypt the password attribute anyway?
>
>  I have no idea what that means.
>

How does freeradius identify that the password has already been NT
hashed?  
What stops it from encrypting whatever it finds in the radcheck table
for the password?  Do I set it as User-Password or Encrypted-Password
instead of Password?

>  Alan DeKok.
>- 
>List info/subscribe/unsubscribe? See
>http://www.freeradius.org/list/users.html

Thanks in advance,

Dan Russell





More information about the Freeradius-Users mailing list