Using mschap authentication without EAP
Thibault Le Meur
Thibault.LeMeur at supelec.fr
Fri Jul 21 13:32:38 CEST 2006
>
> Thibault Le Meur wrote:
> > rad_recv: Access-Request packet from host 127.0.0.1:32801,
> id=0, length=217
> > User-Name = "misterc"
> > CHAP-Challenge = 0xa26932d73791f27d1314426f740ab34e
> > CHAP-Password = 0x002e07a2cc1f27e7fbd22e7bb3721a3986
>
> >
> > That means that your client is trying MS-CHAP, and MS-CHAP can't be
> > used
> > with something else than NT-Hash passwords or cleartext
> passwords in the
> > authorize backend (in your case LDAP).
>
> No, it does NOT.
>
> It means his client is trying CHAP. Not MS-CHAP
You're right... sorry I was too fast in my reply... ;-) but the conclusion
was about the same : use a cleartext password (except for the Nt-hash
alternative ;-) ).
Thibault
More information about the Freeradius-Users
mailing list