802.1x with mschap-radius-ldap with ssha-1 passwords
Matt Ashfield
mda at unb.ca
Mon Jul 17 21:16:37 CEST 2006
I was afraid you'd say that. What would you suggest as a workaround for this
problem? Could I do EAP-TTLS using the securew2 client instead? Or am I
better off creating a 2nd password attribute on the LDAP directory that is
maybe encoded as an NT-Password attribute or something like that.
Thanks
Matt Ashfield
Network Analyst
Integrated Technology Services
University of New Brunswick
(506) 447-3033
mda at unb.ca
-----Original Message-----
From: aland at nitros9.org [mailto:aland at nitros9.org]
Sent: July 17, 2006 4:00 PM
To: mda at unb.ca; FreeRadius users mailing list
Subject: Re: 802.1x with mschap-radius-ldap with ssha-1 passwords
"Matt Ashfield" <mda at unb.ca> wrote:
> I'm trying to do 802.1x authentication using freeradius against an LDAP
> directory which stores the userPassword in an ssha-1 hash. My question is,
> is this possible? If so, how do I configure mschap for ssha-1 passwords?
You don't. It's impossible.
Alan DeKok.
More information about the Freeradius-Users
mailing list