FreeRadius-1.1.0 - rlm_digest with MD5 passwords in a MySQL db
Alan DeKok
aland at ox.org
Tue Jan 24 00:29:35 CET 2006
=?ISO-8859-1?Q?Evan_Borgstr=F6m?= <evan.borgstrom at ca.mci.com> wrote:
> I've been spending my day trying to get rlm_digest to work with
> encrypted passwords in a MySQL database.
It won't work. Digest requires access to the clear-text passwords,
OR the Digest-HA1 form of the password.
> When I use the User-Password
> attribute with a plain text password then digest authentication works
> fine, however when I change the attribute to MD5-Password I get the
> following on the console when running radiusd -X;
If you're trying to use the straight MD5 hashed version of the
password, it won't work. Ever. The protocol was designed to make it
impossible.
The PW_MD5_PASSWORD stuff in 1.1.0 is commented out for a number of
reasons, at least one of which is the hashed password should be called
Digest-HA1, and not MD5-Password.
Alan DeKok.
More information about the Freeradius-Users
mailing list