Digest W/HA1 Authentication
Tavis P
tavis.lists at galaxytelecom.net
Wed Feb 1 20:50:16 CET 2006
Yeah, when using freeradius to authentication users on a SIP proxy for
example it would be ideal to be able to use HA(1) instead of basic
digest with plain text passwords
Several months ago there was a couple patches sent in to add HA(1)
support to the digest authentication module (for freeradius 1.0.5) and
someone mentioned that they had been added to CVS.
I assumed the patch was included in 1.1.0 (based off of the Changelog
entry "Support User-Password field encryption in digest mode.")
From this email (
http://lists.cistron.nl/pipermail/freeradius-users/2005-October/047818.html
) i was under the impression that i could supplant the "User-Password"
field with "MD5-Password" and the digest module would use the HA(1)
algorithm to authenticate the request
Setting the attribute to MD5-Password causes the sql module to return
"notfound" and the digest module complains that there needs to be '
"User-Password" or MD5-Password" ' items and returns invalid
Alan DeKok wrote:
> Tavis P <tavis.lists at galaxytelecom.net> wrote:
>
>> I'm just curious which attribute type (or digest module configuration) i
>> need to use to enable HA1 digest authentication in Freeradius 1.1.0?
>>
>
> What do you mean by that? Using the Digest-HA1 data for
> authentication, rather than clear-text password?
>
> That's not supported in the module, but it wouldn't be hard to add.
>
> Alan DeKok.
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
>
>
More information about the Freeradius-Users
mailing list