attribute Password in an Access-Reject packet
Alan DeKok
aland at ox.org
Tue Feb 14 17:02:55 CET 2006
Susana Macias <susana_macias12 at yahoo.es> wrote:
> I would like to know too, Alan
>
> I am only a developer... . And here anyone explains me
> anything :-(.
Then tell them I said it's a bad idea to put User-Password into
Access-Accept. There are probably better ways of doing the same
thing, like using Tunnel-Password.
And it's even a worse idea to put User-Password into Access-Reject.
If anyone thinks it's necessary, then they're doing something wrong.
They'd probably be better off using Access-Challenge.
If they argue, tell them to email me privately, and I'll discuss it
with them. Ignoring the RFC's can lead to serious security problems.
Alan DeKok.
More information about the Freeradius-Users
mailing list