AW: AW: AW: AW: EAP-TTLS MD5 hashed PasswordsinMySQLDatabaseforWPA-802.1xauth
Christian Poessinger
christian at poessinger.com
Wed Aug 2 20:06:01 CEST 2006
freeradius-users-bounces+christian=poessinger.com at lists.freeradius.org
wrote:
> "Christian Poessinger" <christian at poessinger.com> wrote:
>> I'm really getting confused now ... is it actually possible to use
>> md5 hashed passwords in a sql backend and doing EAP-TTLS for
>> authenticating wireless clients?
>
> http://deployingradius.com/documents/protocols/compatibility.html
>
> See the matrix, the answer is "yes, for PAP".
>
>> I had a little look at the rlm_sql and rlm_pap sourcecode and well
>> the only attribute stuff I found was Password and Crypt-Password. So
>> I'm thinking it could be possible that it just won't work with md5
>> hashed passwords and it will only work with CRYPT passwords.
>
> In 1.1.x, you have to tell the "pap" module that the password is
> stored as an MD5 hash. See it's examples & documentation.
>
I think you mean this:
radiusd.conf
pap {
encryption_scheme = md5
}
Well I have this in my configuration since I tried to set this up but
when you look some messages ago I got it working with crypt. With the
md5 hash I always got the missing Auth-Type error. I also added an
Auth-Type MD5 {
pap
}
to the Authenticate section but I wasn't that lucky.
-CP
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 2709 bytes
Desc: not available
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20060802/1bcd10d8/attachment.bin>
More information about the Freeradius-Users
mailing list