Freeradius-Users Digest, Vol 24, Issue 60

Prateek Gupta pragup at gmail.com
Thu Apr 12 14:41:43 CEST 2007


>>Can you point to a specification saying how this hashing works?

A---------->B(nsis server)--------->C(radius server)

User A generates a large buffer which contains various Authentication
Attributes, A hash of this string is generated using MD5 algorithm with a
key known to both users A and C, This string is appended to the original
string and sent over the network, Node B get this string and it extract
various session attributes from this string.

The attributes extracted should be used to construct the diameter message
using freeradius client library.










On 4/12/07, freeradius-users-request at lists.freeradius.org <
freeradius-users-request at lists.freeradius.org> wrote:Date: Thu, 12 Apr 2007
10:23:51 +0200
From: Alan DeKok <aland at deployingradius.com>
Subject: Re: Generating AAA message for freeradius.
To: FreeRadius users mailing list
       <freeradius-users at lists.freeradius.org>
Message-ID: <461DEC97.7030807 at deployingradius.com>
Content-Type: text/plain; charset=ISO-8859-1

Prateek Gupta wrote:
> User A sends the NSIS request with its keyed hash (generated using User
> A's key) appended to it to the NSIS server. Now the NSIS server needs to
> authenticate that request with a Radius server.

 Can you point to a specification saying how this hashing works?

> Is there a way to do this i.e. how to generate a AAA message with the
> information available i.e. a string, its keyed hash and User A's id ?
> Assuming that the Radius server has keys of all legitimate users.

 Yes.

http://www.freeradius.org/freeradius-client/

 Alan DeKok.
--
 http://deployingradius.com       - The web site of the book
 http://deployingradius.com/blog/ - The blog
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20070412/973a7a47/attachment.html>


More information about the Freeradius-Users mailing list